KeylessMesh

KeylessMesh is a web app plus lightweight desktop agent that gives contractors and vendors time-boxed, least-privilege access to specific internal resources without issuing full VPN credentials. Admins define “access recipes” (host, port, protocol, allowed hours, required device checks) and generate short-lived links that require MFA and device posture validation before a tunnel is established. Every session is recorded as an auditable event trail (who, what, when, from where), with optional command logging for SSH/RDP via a proxy mode. It’s designed for small-to-mid IT teams who are tired of managing long-lived VPN users, shared accounts, and messy firewall exceptions. The product is intentionally narrow: secure third-party access to a few services, not a full SASE replacement. Pricing is per active external user and concurrent sessions, making it predictable and easier to justify than a full network overhaul.