All Access Protocols

SSH Access

Secure SSH access with certificate authentication, session recording, and command logging. No more SSH keys, no more credential sprawl.

Start Free TrialRead Docs
Features

Enterprise SSH Security

Everything you need to secure server access without slowing down your teams.

Certificate Authentication

Short-lived certificates eliminate SSH keys. No more key sprawl or manual rotation.

Session Recording

Record and replay every SSH session for compliance, training, and forensics.

Command Logging

Log every command executed with timestamps, user identity, and server context.

Zero Trust Security

Every connection is authenticated and authorized. No implicit trust.

Just-in-Time Access

Time-bound access with approval workflows. Privileges expire automatically.

RBAC Enforcement

Fine-grained access control by server, user, group, or label.

How It Works

SSH Made Simple

Secure access without complexity.

1

Authenticate

Users authenticate via SSO with MFA. No SSH keys required.

2

Request Access

Select the server and role. Low-risk requests auto-approve.

3

Connect

TigerAccess issues a short-lived certificate and proxies the connection.

4

Record

Every command and output is logged. Sessions can be replayed.

Benefits

Why Certificate-Based SSH?

Traditional SSH key management is a security nightmare. TigerAccess eliminates keys entirely with short-lived certificates.

  • Eliminate SSH key management overhead
  • Meet compliance requirements with session recording
  • Reduce attack surface with just-in-time access
  • Get complete visibility into server access
  • Enforce least privilege with fine-grained RBAC
  • Integrate with existing identity providers

Simple CLI

# Login with SSO
$ tsh login --proxy=access.company.com
# List available servers
$ tsh ls
# Connect to server
$ tsh ssh user@server-name
FAQs

Frequently Asked Questions

Common questions about SSH access with TigerAccess.

You need to install the TigerAccess agent on servers you want to access. The agent is a single binary that handles certificate authentication and connects to your TigerAccess cluster via reverse tunnel. It takes about 5 minutes to set up per server.
TigerAccess eliminates the need for SSH keys entirely. Users authenticate with their identity provider and receive short-lived certificates. However, you can run TigerAccess alongside existing SSH key authentication during migration.
TigerAccess records the full terminal session including all input and output. Recordings are stored encrypted and can be replayed in the web UI. You can search recordings by user, server, time, or even command content.
TigerAccess replaces traditional bastion hosts. The proxy service handles all SSH connections with certificate authentication, removing the need for a separate bastion infrastructure.
Yes, TigerAccess supports command restrictions through RBAC policies. You can allow or deny specific commands, restrict access to certain directories, or limit users to specific shells.
Users cannot initiate new SSH sessions if the cluster is unavailable. Active sessions may continue depending on configuration. For high availability, deploy TigerAccess in multiple regions with automatic failover.

Ready to Secure Your Infrastructure?

Join thousands of security-conscious teams using TigerAccess to protect their critical infrastructure and AI agents.

Start Free TrialContact Sales

No credit card required • 14-day free trial • Enterprise support available