diff --git a/app/services/realtime_audit_service.py b/app/services/realtime_audit_service.py
index 95486e6..c3cecc8 100644
--- a/app/services/realtime_audit_service.py
+++ b/app/services/realtime_audit_service.py
@@ -11,10 +11,24 @@ try:
 except ImportError:
 PARAMIKO_OK = False
 
-SSH_KEY = "/opt/patchcenter/keys/id_rsa_cybglobal.pem"
-SSH_USER = "cybsecope"
+SSH_KEY_DEFAULT = "/opt/patchcenter/keys/id_ed25519"
+SSH_USER_DEFAULT = "root"
 SSH_TIMEOUT = 12
-DNS_SUFFIXES = ["", ".sanef.groupe", ".sanef-rec.fr", ".sanef.fr"]
+DNS_SUFFIXES = ["", ".mpcz.fr", ".sanef.groupe", ".sanef-rec.fr", ".sanef.fr"]
+
+
+def _get_ssh_settings():
+ """Lit les settings SSH depuis app_secrets dans la DB."""
+ try:
+ from .secrets_service import get_secret
+ from ..database import SessionLocal
+ db = SessionLocal()
+ key_path = get_secret(db, "ssh_key_file") or SSH_KEY_DEFAULT
+ user = get_secret(db, "ssh_user") or SSH_USER_DEFAULT
+ db.close()
+ return key_path, user
+ except Exception:
+ return SSH_KEY_DEFAULT, SSH_USER_DEFAULT
 
 # Commandes d'audit (simplifiees pour le temps reel)
 AUDIT_CMDS = {
@@ -62,14 +76,16 @@ def _connect(target):
 return None
 import os
 
- # 1. Essai clé SSH
- if os.path.exists(SSH_KEY):
- for loader in [paramiko.RSAKey.from_private_key_file, paramiko.Ed25519Key.from_private_key_file]:
+ ssh_key, ssh_user = _get_ssh_settings()
+
+ # 1. Essai clé SSH depuis settings
+ if os.path.exists(ssh_key):
+ for loader in [paramiko.Ed25519Key.from_private_key_file, paramiko.RSAKey.from_private_key_file, paramiko.ECDSAKey.from_private_key_file]:
 try:
- key = loader(SSH_KEY)
+ key = loader(ssh_key)
 client = paramiko.SSHClient()
 client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- client.connect(target, port=22, username=SSH_USER, pkey=key,
+ client.connect(target, port=22, username=ssh_user, pkey=key,
 timeout=SSH_TIMEOUT, look_for_keys=False, allow_agent=False)
 return client
 except Exception:
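Review bot: In `_get_ssh_settings` the session opened by `db = SessionLocal()` is never closed when `get_secret` raises, because `db.close()` sits inside the `try` body and the `except Exception:` branch returns immediately; the same open/close-without-`finally` pattern is in the password fallback at `@@ -80,7 +96,7`. The broad `except Exception:` also turns any DB or import failure into a silent switch to `SSH_KEY_DEFAULT` and `SSH_USER_DEFAULT` (`root`), so a broken secrets store is indistinguishable from a deliberate setting; the fallback should at least be logged, and the docstring should state that defaults are returned on any error. If the audit commands do not need root, a dedicated low-privilege account as the default user would shrink what the stored key can do on every target. Suggested shape:
```python
def _get_ssh_settings():
    """Return (key_path, user) from app_secrets; falls back to the module defaults on any error."""
    try:
        from .secrets_service import get_secret
        from ..database import SessionLocal
    except ImportError:
        return SSH_KEY_DEFAULT, SSH_USER_DEFAULT
    db = SessionLocal()
    try:
        key_path = get_secret(db, "ssh_key_file") or SSH_KEY_DEFAULT
        user = get_secret(db, "ssh_user") or SSH_USER_DEFAULT
    except Exception:
        # TODO: log that the secrets lookup failed and the defaults are in use
        return SSH_KEY_DEFAULT, SSH_USER_DEFAULT
    finally:
        db.close()
    return key_path, user
```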
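Review bot: The new `ssh_key, ssh_user = _get_ssh_settings()` line reads the secrets table on every `_connect` call, and the password fallback later in the same function (`@@ -80,7 +96,7`) opens a second `SessionLocal()` for two more lookups, so one connection attempt now costs two DB sessions; reading all four secrets in one call, or passing the already-loaded values down, would avoid that. The three-entry list on the `for loader in [...]` line would read better as a module-level tuple, e.g. `_KEY_LOADERS = (paramiko.Ed25519Key.from_private_key_file, paramiko.RSAKey.from_private_key_file, paramiko.ECDSAKey.from_private_key_file)`. The `set_missing_host_key_policy(paramiko.AutoAddPolicy())` line is unchanged context, but since the `client.connect` call beside it is being rewritten it is worth noting that every target's host key is accepted without verification; loading a maintained known_hosts file and using `paramiko.RejectPolicy()` would let the audit detect a substituted host. `_connect` starts before and continues past this hunk.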
@@ -80,7 +96,7 @@ def _connect(target):
 from .secrets_service import get_secret
 from ..database import SessionLocal
 db = SessionLocal()
- pwd_user = get_secret(db, "ssh_pwd_default_user") or "root"
+ pwd_user = get_secret(db, "ssh_pwd_default_user") or ssh_user
 pwd_pass = get_secret(db, "ssh_pwd_default_pass") or ""
 db.close()
 if pwd_pass:
@@ -138,7 +154,8 @@ def audit_single_server(hostname):
 return result
 
 result["status"] = "OK"
- result["connection_method"] = f"ssh_key ({SSH_USER}@{target})"
+ ssh_key, ssh_user = _get_ssh_settings()
+ result["connection_method"] = f"ssh_key ({ssh_user}@{target})"
 for key, cmd in AUDIT_CMDS.items():
 result[key] = _run(client, cmd)
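Review bot: The added `ssh_key, ssh_user = _get_ssh_settings()` in `audit_single_server` binds `ssh_key` but only `ssh_user` is used, and it opens another DB session solely to build the `connection_method` label after `_connect` has already read the same settings; `_, ssh_user = _get_ssh_settings()` fixes the unused name, and returning the user (and the method actually used) from `_connect` would remove the extra lookup. More important for the audit record, the label is hard-coded to `ssh_key (...)` although `_connect` also has a password path (`pwd_user`/`pwd_pass` in `@@ -80,7 +96,7`), so a connection that succeeded via that fallback would be recorded as a key login under a possibly different user; this is inferred from the other hunk, since `_connect`'s return value is not visible here. `audit_single_server` starts before this hunk.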