mirror of
https://github.com/moul/awesome-ssh
synced 2024-11-28 07:10:25 +00:00
No description
81592266a1
From the official repo description: "HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically." In other words: it generates SSH certificates with specific fields that are matched to local machine attributes to allow/disallow access for certain users and enforce restrictions. |
||
---|---|---|
CONTRIBUTING.md | ||
LICENSE | ||
logo.jpg | ||
README.md |
Awesome SSH
Inspired by the awesome list thing.
Please read the contribution guidelines if you want to contribute.
Check out my blog 🦄 or say hi on Twitter.
Table of Contents
Apps
.ssh/config
assh
- Transparent wrapper (ProxyCommand) that adds regex, aliases, gateways, includes, dynamic hostnames to SSH andssh-config
. Previously:advanced-ssh-config
- storm - Manage your SSH like a boss.
- ansible-ssh-config - Letting Ansible manage
ssh_config
. - ec2ssh - A
ssh_config
manager for AWS EC2. - ssh-config - A tool to help manage your
.ssh/config
file.
Tools using the SSH protocol
- scp - Secure remote file copy utility over SSH.
- rsync - Fast incremental transfer utility that supports SSH.
- sftp - File transfer protocol over SSH.
- curl - Command line tool and library to transfer data (support
sftp
).
Servers
- sshportal - simple, fun, and transparent SSH (& Telnet) Bastion Server
- ssh2docker - SSH server to Docker containers.
- ssh-proxy - Dockerized SSH bastion to proxy SSH connections to arbitrary containers.
- whosthere - A SSH server that knows who you are.
$ ssh whoami.filippo.io
. - sshfront - Programmable SSH frontend.
- ssh-chat - Chat over SSH.
- sshcommand - Turn SSH into a thin client specifically for your app.
- sshmuxd -
sshmux
frontend. - x84 - A python
telnet
/ssh
server for modern UTF-8 and classic cp437 network virtual terminals. In spirit of classic software such as ami/x, teleguard, renegade, iniquity. - teleport - Modern SSH server for clusters and teams.
- ShellHub - A SSH gateway for remotely accessing any Linux device behind firewall and NAT.
Network
- Mosh - The mobile shell.
- sshfs - Filesystem client based on the SSH File Transfer Protocol.
- ngrok - Introspected tunnels to localhost.
- localtunnel - Expose localhost servers to the Internet.
- sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over
ssh
. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling. - sshttp - SSH/HTTP(S) multiplexer. Run a webserver and a
sshd
on the same port w/o changes. - switcher - Run SSH and HTTP(S) on the same port.
- sslh - Applicative Protocol Multiplexer (i.e: SSH + HTTPS).
- tund - SSH reverse tunnel daemon.
- autossh - Automatically respawn SSH session after network interruption.
- wssh - SSH to WebSockets Bridge.
- docker-volume-sshfs -
sshfs
docker volume plugin. - quicssh - QUIC proxy for SSH
- sshpiper - The missing reverse proxy for ssh scp.
- sshhub - Web Service: access your SSH servers behind firewalls (ssh-teamviewer).
Multiplexers
- tmux - Terminal multiplexer.
- clusterssh - Cluster admin via SSH.
- tmux-cssh -
tmux
with a ClusterSSH-like behavior. - tm -
tmux
manager / helper. - i2cssh -
csshX
like SSH tool for iTerm2. - ClusterSSH - Controls a number of
xterm
windows via a single graphical console.
SSH keys / Authentication
- authy-ssh - Easy two-factor authentication for SSH servers.
- github-auth - SSH key management for GitHub users.
- cipherhub - Encrypt messages based on SSH public keys with easy import from GitHub.
- Slack notifications (archived version) - Guide to setup Slack notifications (can be modified for other services).
- totp-ssh-fluxer - A way to make sure your
sshd
port changes every 30 seconds. - github-keygen - Easy creation of secure SSH configuration for your GitHub account(s).
- kr - Kr agent that route access request to the paired mobile phone where Kryptonite is installed.
- ServerAuth - Automatically sync SSH access across servers
- HIBA - Central management of access to a fleet of machines without pushing authorized_users files.
SSH agent
- ssh-ident - Different agents and different keys for different projects, with
ssh
. - oh-my-zsh/plugins/ssh-agent -
ssh-agent
plugin forzsh
. - sshecret - Automatically create and manage multiple agents for multiple keys.
Tools
- xxh - Bring your favorite shell wherever you go through the ssh.
- sshrc - Bring your
.bashrc
,.vimrc
, etc. with you when youssh
. - kyrat - SSH wrapper script that brings your dotfiles always with you on Linux and OSX.
- ssh-vault - encrypt/decrypt files using ssh keys
- ssh-ping - check if host is reachable using ssh_config
- SSHPry v2 - Spy & Control os SSH Connected client's TTY
- redial - Terminal Based SSH Session Manager for Unix Systems
Automation
- Ansible - App deployment, configuration management and orchestration over SSH.
- rtop - Interactive, remote system monitoring tool based on SSH.
- DSH - Dancer's shell / distributed shell - Wrapper for executing multiple remote shell commands from one command line.
- parallel-ssh - Provides parallel versions of OpenSSH and related tools.
- SSH Power Tool - Execute commands and upload files to many servers simultaneously without using pre-shared keys.
Web
- Secure Shell chrome extension
- GateOne - HTML5-powered terminal emulator and SSH client.
- KeyBox - Web-based SSH console that centrally manages administrative access to systems.
- Apache Guacamole - Apache Guacamole is a HTML5 based clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
- SSHmon - Real-time GUI to monitor SSH connections and establish port forwardings.
Testing / Honeypots
- ssh-hammer - SSH load testing tool.
- kippo - SSH Honeypot.
- cowrie - SSH Honeypot (based on kippo).
- sshmitm - SSH monkey-in-the-middle.
- ssh-audit - A tool for SSH server auditing.
- sshesame - A fake SSH server that lets everyone in and logs their activity.
Alternatives to SSH
- GoTTY - Share your terminal as web application.
- telnet - An unencrypted network protocol and an application used to connect to remote computers and issue commands.
- ttyd - Share your terminal over the web.
- rsh - An unencrypted network protocol and application used to connect to remote computers and issue commands.
Libraries
- C/C++
- libssh - The SSH library.
- Golang
- crypto/ssh - Built-in SSH client and server library.
- sftp - SFTP support for the go.crypto/ssh package.
- go-sshkit - Toolkit for building SSH servers and clients in Go.
- Socker - Library for Go to simplify the use of SSH.
- go-sshkeys - Golang SSH Keys manipulation library
- Java
- jsch - Pure java, BSD licensed, SSH2 client library.
- Javascript/Node.js
- ssh2 - SSH2 client and server modules written in pure JavaScript for node.js.
- Python
- paramiko - Native Python SSHv2 protocol library.
- Ruby
- net-ssh - Pure Ruby implementation of an SSH (protocol 2) client.
Resources
Tutorials
- How to use SSH to Connect to a Remote Server
- Best practices
- Granting Temporary Access to Your Servers (Using Signed SSH Keys)
- How to SSH login without a password
- Gist: SSH Recipes - Collection of recipes for writing awesome ssh config files.
Security
- 01/14/2016 - Integer Overflow
CVE 2016 077[7-8]
. - Security/Guidelines/OpenSSH - MozillaWiki -
sshd\_config
for6.7+
,5.3
. - Applied-Crypto-Hardening -
sshd\_config
for6.X
Documentation
Community
License
To the extent possible under law, Manfred Touron has waived all copyright and related or neighboring rights to this work.