Getting Started with Smallstep SSH

Smallstep SSH is a commercial product that delivers a complete end-to-end SSH workflow combining the benefits of modern identity providers, SSH certificates, and proven standard technologies like OpenSSH and OAuth. The Professional Edition is a managed offering that takes the open source step-ca and adds automatic access control, end-to-end user lifecycle management, event activity logging, and reporting.

Are you looking for the open source step-ca documentation? Find it here.

Before you begin, register for a smallstep account if you haven't already.

Step 1: Set up your client

Start by configuring SSH access on your laptop:

Client Quickstart Guide

Step 2: Register Hosts

Host Quickstart Guide

Step 3: Set up Single Sign-on and Directory Sync

If you want to use Smallstep SSH in multi-user mode, you can sync with an identity provider. Note: Single Sign-on through your identity provider requires SSH Professional + Team level account or higher. [Click here for more pricing information] (/sso-ssh/pricing/#pricing).

Microsoft Entra ID Quickstart Guide

Google Workspace Quickstart Guide

Okta Quickstart Guide

Don't see your identity provider?

We may still be able to work with you. Please contact us and tell us a little about your setup.

Step 4: Grant Access

Establish access control rules:

Access Control Guide

Looking For Technical Details On The Product?