Identity based secure access to your infrastructure.

Automate, simplify and secure access to your distributed compute resources using BastionXP Identity Based Infrastructure Access Management software.

Learn more Get started for free
Automated Certificate Management

BastionXP PKI/CA automates SSH and X.509 certificate creation, signing and distribution.

Identity based security

Certificates are tied to host and end user identity. Certificates are issued only after a successful SSO login using Two-Factor Authentication(2FA).

Avoids SSH Key Sprawl

Issues short-lived SSH certificates to end users, eliminating the risks associated with SSH key sprawl.

SSH Session Recording

SSH sessions are recorded for auditing and compliance purposes. Recorded SSH sessions can be replayed like a video playback.

Auditing & Compliance

All user activities are logged to provide a detailed log trail for auditing and compliance purposes. Logs can be analyzed later using a log analyzer to identify anomaly.

Role Based Access Control

Assign roles to your team members and restrict access to your cloud resources using RBAC policies.

Secure access that doesn't complicate your workflow

BastionXP PKI/CA, with a built-in SSH bastion host, automates and simplifies SSH certificate creation, signing and distribution without affecting your workflow.

  • Single command to generate SSH certificates for end users who need SSH access to cloud resources.
  • Secure access to cloud resources using short-lived SSH certificates tied to user identity.
  • Simplified and preconfigured SSH Bastion Host that comes out of the box.
  • Audit logs of user activities and SSH session recording make auditing and compliance easy.

BastionXP is built for engineers who need quick SSH access to any resource anywhere without comprimising security.

Start Your Free Trial Now

Try BastionXP for free with no commitments. No credit card required.

Frequently Asked Questions

  • What is BastionXP?

    BastionXP is a Public Key Infrastructure (PKI) / Certificate Authority (CA) that integrates with Identity and Access Management(IAM) software to create, sign and distribute SSH certificates to servers and users upon successful SSO login via OAuth providers such as GitHub, G-Suite, Microsoft Office 365, Okta. BastionXP also has a built-in SSH proxy server that can be configured to function as an SSH bastion host. BastionXP works seamlessly with OpenSSH server and client software.

  • Yes. You can download and try the free version of BastionXP. Please refer to our documentation on BastionXP "Getting Starting" guide. Remember that the free trial version comes with a limited feature set without the enterprise features.

  • BastionXP Enterpise version supports a) G-Suite, Microsoft Office 365, Okta based SSO/OAuth. b) Role Based Access Control using Microsoft Azure Active Directory, Okta, or any IAM. c) SSH Session Recording. d) Priority customer support.

  • BastionXP solution is a cloud native application that is cloud vendor agnostic. It works seamlessly in any cloud including AWS, GCP, Azure or Digital Ocean cloud.

  • Yes. We can provide cloud hosted version of BastionXP as a SaaS offering. Please write to us at: [email protected]

  • Please write to [email protected] for sales, queries, pricing and demo request.

Contact Us

We'd love to hear your feedback, comments, and suggestions. Write to us at:

[email protected]