When comparing Userify vs SSH Universal Key Manager, the Slant community recommends Userify for most people. In the question“What are the best managers for SSH keys?” Userify is ranked 1st while SSH Universal Key Manager is ranked 3rd. The most important reason people chose Userify is:
The shim (their agent) installs in the blink of an eye. The old server took a lot longer (about five minutes) but only needs one command to install, so you can walk away and come back. (The new server installs in about five seconds as well.)
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Installs instantly
The shim (their agent) installs in the blink of an eye. The old server took a lot longer (about five minutes) but only needs one command to install, so you can walk away and come back. (The new server installs in about five seconds as well.)
Pro Built-in recipes for Ansible, Chef, Puppet, Terraform, Bash, and CloudFormation
Lots of built-in recipes make deploying pretty fast, and just adding a single server is pasting a one-liner that takes a few milliseconds to install.
Pro Manages sudo permissions (root/user/none)
It manages sudo permissions (root/user/none) in a nice color-coded interface based on projects. You can manage more than one server in groups.
Pro When you remove a user, their keys are removed and sessions are KILLED
This is a pretty awesome feature. When you remove a user, not only are their keys removed, but any active sessions are terminated and home directory renamed to deleted:$username so that you can go check it out and get any work files left in it (or hacking evidence). Even better, if you later restore their access, their home directory automatically gets restored as well.
Pro Very reliable across multi-cloud and intermittent connections
A single self-hosted installation or Userify Cloud can manage your user accounts in multiple clouds or your own datacenter. All that's needed is HTTPS outbound from your managed instances.
Pro Color coded dashboard
Instantly shows who has access to what server groups in color (red for root/sudo access, green for regular user, and white/none for no access.)
Pro If central servers go down, you can still log in
Even if the userify servers go down, you can still log in with your private key.
Pro Available in self-hosted and Cloud, in single-server and clustered modes
Cloud is available for free up to 20 servers, while self-hosted is limited to five servers free.
Pro Can handle tens of thousands of servers in a cluster configuration
Handles thousands of servers hassle-free using an AWS EC2 cluster.
Pro Compartmentalization/isolation
Users are isolated in what they can see. If a user doesn't have access to a server group, project, or company, they can't see any of its parts -- not even the project or server group names or who has access.
Pro Extremely fast to get started
Tip: click the word "None" to change user permissions.
Pro Built-in key scanner
Scans for unused keys (what Userify calls "loose" keys) and presents them on a per-server basis within each server groups. No additional configuration is needed, it just works out of the box.
Pro Free for up to 20 servers
It's completely free (no credit card needed) and can be used up to 20 servers, and this free tier does NOT expire.
Pro Excellent and fast support
Support is fast and responsive, but more importantly, actually knows the product.
Pro Pricing is based on per-server instead of per-user
This is great so you don't have to pay per key or per user, and it's easy to control your budget.
Pro Let's Encrypt integration
Self-hosted Userify integrates with Let's Encrypt, providing instant SSL.
Pro Key generator
Generates private keys, including both Mac/OSX/Linux RSA keys as well as Putty keys, and can even distribute those keys to end boxes (useful for automation accounts).
Pro Can log SSH commands
Other systems like Userify use other tools like auditd or Splunk to log commands, but SSH UKM has logging built in.
Pro Detects and alerts on suspicious key activity
Pro Scans and alerts on existing keys
Can scan your existing systems and find and remove old keys.
Cons
Con Only up to 20 servers are free (10 on self-hosted)
Only up to 20 servers are free.
Con The Userify shim doesn't yet support certain containers
Containers that don't run an SSH server don't support the Userify shim (of course, container hosts are fully supported).
Con Pricey for small companies
A smaller company may find it expensive if you have a lot of servers.
Con User interface is slow and clunky
It's not user friendly and some people may struggle to get going with setting up their profiles.
Con Doesn't work in the cloud
UKM doesn't work at all with auto-scaling groups or dynamic IP's.
Con Expensive
UKM is extremely expensive versus the capabilities provided.
Con Hard to scale
Only deals with single servers, not groups. Doesn't scale very well and very expensive to scale.
Con Poor documentation
The documentation doesnt help much with anything but the minimum needed to get it working, things like common errors have no information.
Con Time consuming and complex to install and configure
Extremely complex and requires substantial resources.