How It Works

Controlled SSH access without shared keys or guesswork

GrantSSH gives teams a clear, auditable way to control SSH access. You define who can access which servers and accounts, for how long, and the agent keeps each server's authorized keys in sync.

Access is defined as permissions

Permissions tie a team member to a specific server account and schedule.

Enforcement happens on your servers

The open-source agent updates authorized keys locally based on current permissions.

SSH activity is visible

Logins, disconnects, sudo use, and failed login summaries are collected from your servers.

The simple flow

GrantSSH is intentionally focused on SSH access management. It does not replace SSH or change your login workflow. It keeps access clean, time-bound, and auditable.

1

Add a server and install the agent

Create a server in the dashboard, then install the open-source agent using a claim code or team enrolment token.

2

Approve the server and define accounts

A manager approves the server once the agent checks in, then defines the OS-level server accounts GrantSSH should manage.

3

Define permissions

Permissions connect team members or member groups to server accounts and schedules.

4

Access is enforced locally

When a permission is active, the key is present. When it becomes inactive, the agent removes it on the next poll.

5

SSH activity is recorded

The agent reports logins, disconnects, sudo use, and failed login summaries to the team activity log.

Predictable enforcement

Changes are applied on the agent polling interval. Access is as fresh as the poll schedule.

No SSH proxying

Users connect with their normal SSH clients. GrantSSH does not sit in the middle.

Open-source agent

The server-side agent is inspectable and runs inside your infrastructure.

Core concepts GrantSSH uses

These definitions keep access conversations precise and unambiguous.

Team

The team account that owns members, servers, permissions, and SSH activity events.

Team member

A human with a GrantSSH account who uploads their own SSH public keys.

Server

A machine with the GrantSSH agent installed to manage access locally.

Server account

An OS-level user on a server, such as deploy or ubuntu.

Permission

The access rule that ties a team member to a server account and schedule.

Group

A named set of team members. Permissions can target a group so you grant access to several people at once.

Activity event

An SSH-related event reported by the agent, such as a login, disconnect, sudo command, or failed login summary.

How access is granted and enforced

Access is explicit, time-bound, and enforced by key presence in authorized keys.

Request and approval

Members can request access. Managers and owners can approve, reject, or adjust details before a permission is created.

Schedule types

  • Permanent access
  • Date range access
  • Time-of-day and day-of-week windows

Enforced by key presence

When a permission is active, the agent ensures the user's public key is in the target server account authorized_keys. When inactive, it is removed on the next poll.

Schedule-driven removal

Access ends when a permission becomes inactive. The agent removes keys on its polling interval — typically within 30 to 120 seconds.

SSH key handling, clearly scoped

GrantSSH manages public keys only. It never asks for or stores private keys.

Public keys only

  • Team members upload their own public keys
  • No private key handling, storage, or generation
  • Keys sync to servers when access is active

No workflow change

Users connect with standard SSH clients. GrantSSH is not a bastion, proxy, or session recorder.

SSH activity and visibility

Activity events give teams a timeline of SSH usage reported from their servers.

Events captured

  • SSH login events
  • SSH disconnect events
  • Sudo usage events
  • Failed login summaries

Server-side collection

Events come from the agent on each server — not from session recording, command logging, or proxying SSH traffic.

Roles and capabilities

Different responsibilities require different levels of control.

Member

  • Manage their own public keys
  • Request access permissions
  • View team SSH activity

Manager

  • Approve or reject access requests
  • Create and modify permissions directly
  • View and filter the full team activity log

Owner

  • Invite and remove team members
  • Change roles
  • All manager capabilities

What GrantSSH is not

GrantSSH defines who can SSH in, for how long, and records what the agent sees on the server. The features below are handled separately, often by other tools you already run or add alongside GrantSSH.

No bastion or proxy

SSH goes directly to your servers, with the same client you use today.

Public keys only

Team members upload public keys. GrantSSH does not store passwords or handle MFA at SSH login.

Activity events, not recordings

The agent reports logins, disconnects, sudo use, and failed login summaries. It does not record full sessions or keystrokes.

Connection access only

Permissions decide who can reach a server account and when. They do not filter commands after someone is logged in.

Ready for Controlled SSH Access?

Create your account and start granting time-limited SSH access in minutes.

Set up controlled SSH access in minutes.