Key management systems can be used to manage cryptographic access control keys, and hence, access control, across computer networks. An example of key management systems is the Universal SSH (Secure Shell) Key Manager from SSH Communications Security, Inc. Typically, key management services provide functionality for discovering existing keys and trust relationships between them, as well as installing, rotating (meaning replacing), and removing keys in a centralized and controlled manner. Known key management systems, however, do not work in situations where client computers, that is, computers from which cryptographic connections are taken that terminate on server computers, cannot be accessed by a key management system. That can happen, for instance, when a client computer is the personal property of an employee or a freelancer who does not want to subject the computer to remote management procedures. When a client computer is not accessible by a key management system, the key management system cannot generate new private keys on the computer, nor can it access existing private keys or their public key counterparts on the computer, and thus it cannot grant access to the user or users of that client computer on the server computers within a managed network. Therefore efficient use of key management systems may be restricted to managed networks where connections from clients that are not managed by a key management system are not anticipated.