Access Management

Every person. Every server. One screen.

Scan your whole fleet and see exactly who can log in where, and who has sudo. Then offboard someone from all of it - in one confirmed action.

How It Works

How Access Management Works in CtrlOps

Step 01 - CtrlOps

Scan.

Point it at the servers you already have saved. CtrlOps reads the authorized users on each one and builds the map. It is read-only: nothing on your servers changes until you say so.

Step 02 - You

See.

Every person who can reach your fleet, in one list. How many servers each of them can log in to, how many give them sudo, and the exact login they land on.

Step 03 - You

Offboard.

Someone leaves? Open them, click Remove from all servers, type their name to confirm. Their key is gone from every box at once. You never open a single server by hand.

The Offboarding Tax

Fifteen SSH sessions - and one you'll forget.

Someone leaves. Now you open every server, read authorized_keys, find their line, delete it, and move on to the next one. Fifteen times, from memory, with no list to check yourself against.

Thenssh, vim, delete the line. Repeat. And repeat.
ThenHope the box that was down last Tuesday isn't the one you missed.
NowOne person, one confirmed action, every server at once.

Miss a single server and that person still has a way in.

Try It Here

Go on, scan the fleet.

This is the real Access screen running on demo data. Scan it, open somebody up, take one server off them, onboard a new hire to five boxes at once, and offboard the contractor who never gave his laptop back.

ctrlops - access
Access1 Sync Error
6
People
14
Servers
36
Grants
Demo data - nothing here touches a real server.
Which screen do I want?

One server, or all of them.

CtrlOps manages SSH access at two altitudes, and they do different jobs. Use them together.

One server

SSH Management

The key registry on a single box. Every authorized key, the roles you create, and one-click revoke - all scoped to the server you are looking at.

  • Every key in that server’s authorized_keys
  • Create read-only and read/write roles
  • Revoke one key on one server
Go to SSH Management

Whole fleet

Access

The people map across every server you have. Who can reach what, who has sudo, and one confirmed action to take someone off all of it.

  • Every person, every server, one screen
  • Onboard to many servers at once, role per server
  • Offboard from all servers in one action
You are here

One more bit of vocabulary: access grants count key-to-server pairs, not people. One person on five servers is five grants - which is exactly why offboarding by hand goes wrong.

From real users

Offboarding, in two minutes.

What changes when who-can-reach-what stops being a question only one person on the team can answer.

Product Hunt

HR person commenting on a server tool, I know. But whenever someone leaves the team, we need their server access gone immediately. Before this it was a whole back and forth with tech. Now I check SSH management myself and flag it in 2 minutes. Offboarding got so much easier, honestly.

C
Chandni
Product Hunt

100% local and credentials never leave your machine positioning is doing a lot of trust work here and it's the right call.

G2

The AI Terminal with an Approval Gate: being able to ask for a fix in plain English is great, but the fact that it shows you the command and asks for approval before running it on live infrastructure is a massive safety net.

x.com

SSH into 10 servers, debug a crash, and deploy a fix - all without leaving one app? CtrlOps is a local-first desktop DevOps tool that translates plain English into bash, manages fleets, and keeps your credentials 100% on-device.

E
EveryDev.ai
Product Hunt

the fact that i dont need to install any agent on my servers sold me immediately. got it running on our staging env and already caught 2 issues before they became outages. will be moving prod over soon

SV
Srushti Vasani
Where the map lives

Your org chart of who can reach prod.

That is what an access map really is - and it is the last thing you should be uploading to somebody else's cloud. CtrlOps builds it on your machine and leaves it there.

your servers15 boxes~/.ssh/authorized_keysread-onlyyour machineCtrlOps.appthe access mapstored here. only here.SSH · scan on demandnothing is written until you actctrlops cloudnever receives the maphosted directory / SSOnothing to sign up for

The map is built on your machine

CtrlOps reads each server over your own SSH connection and assembles the picture locally. The list of who can reach production is never sent to CtrlOps or any third party - there is no copy of it anywhere to breach.

Scanning changes nothing

A scan is read-only. It looks at authorized_keys and puts the answer on screen. Not one key is added, moved or revoked until you click something and confirm it.

What it is not

It is a snapshot, not surveillance - re-scan after anyone edits a key directly on a box. Revoking blocks new logins, but a session already open stays open until it ends. Unreachable servers are flagged, not guessed at. Windows servers are not supported.

Access FAQ

Questions before someone resigns.

Open CtrlOps, click Access, and run a scan. CtrlOps connects to each server you have saved, reads the authorized users on it, and builds one list: every person across your fleet, how many servers each of them can reach, and how many of those give them sudo. Click anyone to see every server they can log in to and the exact login they land on, such as root@10.0.1.11.
Open the person, click Remove from all servers, and type their name to confirm. CtrlOps revokes their authorized key on every server in the list in one action. You never open a single server by hand, and the type-to-confirm guard makes sure you are offboarding the person you meant to.
Click Add user, paste their public key, tick the servers they need, and set the target role for each one - root, a standard user, or read-only. You can mix roles freely: root on the box they own, read-only on the one they are just meant to look at. Then click Grant access, and CtrlOps writes the key to every server you picked.
No. The access map is built and stored on your own computer. CtrlOps reads the authorized users on each server during a scan and keeps the results on your machine - none of it is sent to CtrlOps or any third party. An audit export is written to your disk, not to a cloud. There is no hosted copy of who can reach your production servers, because there is nothing to breach.
No. Scanning is read-only. CtrlOps reads each server’s authorized_keys and draws the map - it adds nothing, moves nothing and revokes nothing. Not a single key changes until you explicitly remove or add access and confirm it. Servers that are unreachable are skipped and flagged as a Sync Error rather than silently counted as clean.
Two common reasons, and we would rather say so. They may have had a separate key you did not see - re-scan to confirm none remain. Or they were already connected when you removed access: an SSH session that is already open stays open until it ends. New logins are blocked immediately either way.
A snapshot. Access takes a picture when you scan; it does not watch your servers continuously. Anything you add or remove inside CtrlOps updates the list straight away. If someone edits a key directly on a server, outside CtrlOps, the map will not know until you click Re-scan - and the header always tells you when you last scanned.
SSH Management is one server: the key registry on a single box, the roles you create there, and one-click revoke. Access is the whole fleet: every person, every server, offboarding from all of it at once, and the audit export. Use SSH Management for one-off key work on a box you are already in; use Access when the question is "who can reach what?" - or when somebody has just resigned.
Get started

Find out who can reach your servers.

Scan your fleet, see every person and every grant, and offboard someone from all of it in one confirmed action. 1-month free trial, no credit card.

Start instantly· No credit card· No sneaky autorenewals