Secure SSH connections to your Ubuntu servers with
our SSH Authenticator app
and PAM module.

The Beta program for the IDEE SSH Authenticator solution is now open. We are looking for volunteer beta testers. Please sign-up if you are a software engineer or programmer concerned about the security of your SSH connections.
If you are a software development manager (or equivalent) and
would like to enroll your team please get in touch separately here.
All testers get access to the solution for 12 months
at absolutely no cost once commercially released.
Demo screen of the SSH Authenticator App by IDEE

IDEE's SSH Authenticator is a strong, multi factor authentication solution for secure access to your servers. Simply install the IDEE PAM module on your Linux servers and authenticate using the SSH Authenticator app we have created. No passwords, no 2FA codes and no tokens that can be centrally hacked, phished or compromised.

SSH Authenticator App
+ PAM Module

Our secure Authenticator app was built from the ground up with security by design, privacy by design and convenience in mind. It was made by developers for developers. Our custom PAM module is built following the NIST standards and is available as a separate download.

Biometric & 
Key-based Authentication

A hardware generated key is stored inside smartphone's HSM chip such that it cannot be extracted. Only you can access it by unlocking your smartphone with your preferred unlock method including biometrics (fingerprint, faceID, etc.).

Would you like to join our beta program?
Key Features & Benefits

All the secure SSH authentication tips & tricks in one app.

Using key-based authentication, no passwords and two factor authentication, has undoubtedly become the de-facto standard today to secure and harden your servers when remotely accessing them via SSH. However, current 2FA authentication solutions are based on shared knowledge and require users to type in six-digit TOTP codes on every authentication or even with every transaction made with the servers.

No Two Factor Codes

Multi Factor authentication without having to enter 6-digit codes.

Access your servers as usual via SSH command in the terminal and approve the login on your smartphone. Your device lock (e.g. Fingerprint, FaceID) acts as your second factor. No time-based codes that expire, no manual entry.

Down Arrow

Strong Authentication

Using the SSH Authenticator enables strong authentication by default.

When using the SSH Authenticator, every transaction such as authenticating to the server or authorizing file changes,  multiple factors are used (e.g. biometric and possession of the smartphone).

Down Arrow

Account Takeover Prevention

Say goodbye to phishing and weak, knowledge-based factors.

With the SSH Authenticator and the PAM module by IDEE, it is impossible to hijack a user account without physical access to the smartphone and the strong factor used to protect access to the device (e.g. Fingerprint, FaceID). There are no credentials or shared knowledge stored on servers or known to the user that attackers can obtain or phish.

Down Arrow

Insider Threat Prevention

Even administrators can't know your login credentials.

IDEE's SSH Authenticator operates using fully decentralized credentials, stored inside the secure element of your smartphone. Administrators don't know your credentials and the credentials cannot be leaked.

Down Arrow

Remote Intruder Logout

Spot and end any unwanted or forgotten session directly in the app.

Forgot to log out or spotted a suspicious session to your servers? End any active sessions directly in the app. The session will be terminated immediately.

Down Arrow


Get verifiable assurance with every authentication.

Unlike other authenticators, SSH Authenticator by IDEE provides a verifiable assurance of the user that authenticates to the server in the authentication response. This way you can rely on the integrity, non-repudiation and provenance of the authentication.

Down Arrow

Multi-Device Support

Automatic synchronisation to multiple devices for all connections.

Use multiple devices as authenticators without having to manually add every server on every authenticator. When you add a new device, all existing connections are activated on your new device, as well. No re-enrolling, no QR codes or manual key entry required.

Down Arrow

Decentralized Backups


Easily recover access to all your servers in case a device is lost or stolen.

Typically, if you lose your Authenticator Device you’re screwed. Our back-up features with decentralized keys and backup codes ensure that you can independently restore your access to new devices . No helpdesk or administrator involvement required.

Down Arrow

User Experience

A user experience that is super seamless, flexible and just overall awesome.

We build the complete process with users in mind. Users get a simple one click authentication experience while maintaining the strongest level of security. A great user experience and exceptional security can go hand in hand, after all.

Down Arrow

IoT Device

Securely authenticate to embedded systems such as Armbian or Raspbian.

Reporting & Compliance

Our zero knowledge solution does not store any PII about users, however we can provide access log details that when combined in your identity or user management will allow you to create an audit trail of past actions. Coming soon the audit trail will make use of our existing blockchain infrastructure to become immutable.

SSH Authenticator by IDEE for Developers

Help us improve our product.
Get 12 months for free.