GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → b1naryth1ef → bowser

b1naryth1ef / bowser

Licence: other
a smart, friendly, secure, and auditable ssh daemon

Programming Languages

go
31211 projects - #10 most used programming language
shell
77523 projects

Labels

sshbastioncertificates

Projects that are alternatives of or similar to bowser

Windows Secure Host Baseline
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Stars: ✭ 1,288 (+2827.27%)
Mutual labels:  certificates
privx-on-aws
PrivX - Just-in-time Access Management
Stars: ✭ 18 (-59.09%)
Mutual labels:  bastion
sigil
AWS SSM Session manager client
Stars: ✭ 67 (+52.27%)
Mutual labels:  bastion
Certok
Command line tool to check the validity and expiration dates of SSL certificates.
Stars: ✭ 136 (+209.09%)
Mutual labels:  certificates
Openssl Osx Ca
Simple periodic task to sync OSX Keychain certs to Homebrew installed OpenSSL & LibreSSL
Stars: ✭ 185 (+320.45%)
Mutual labels:  certificates
Teleport
Certificate authority and access plane for SSH, Kubernetes, web apps, databases and desktops
Stars: ✭ 10,602 (+23995.45%)
Mutual labels:  bastion
Letscertbot
Let's Certbot is a tool builds automated scripts base on Certbot for obtaining, renewing, deploying SSL certificates.
Stars: ✭ 84 (+90.91%)
Mutual labels:  certificates
vault-pki-monitor-venafi
Venafi PKI Monitoring Secrets Engine for HashiCorp Vault that enforces security policy and provides certificate visiblity to the enterprise.
Stars: ✭ 18 (-59.09%)
Mutual labels:  certificates
Traefik Certs Dumper
Dump ACME data from Traefik to certificates
Stars: ✭ 220 (+400%)
Mutual labels:  certificates
AzureWebAppSSLManager
Acquires and manages free SSL certificates for Azure Web App and Azure Functions applications.
Stars: ✭ 70 (+59.09%)
Mutual labels:  certificates
Gdpr Tracker
A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors
Stars: ✭ 142 (+222.73%)
Mutual labels:  certificates
Ca Bundle
The Mozilla CA bundle extracted and converted to PEM. This repository functions as a backup to the automated service on the curl web site.
Stars: ✭ 177 (+302.27%)
Mutual labels:  certificates
Bless
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
Stars: ✭ 2,627 (+5870.45%)
Mutual labels:  bastion
Certificate Authority Situational Awareness
Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber
Stars: ✭ 99 (+125%)
Mutual labels:  certificates
tls certificate generation
Use temporary Amazon EC2 / Digital Ocean cloud machines to get / renew letsencrypt certificates
Stars: ✭ 28 (-36.36%)
Mutual labels:  certificates
Certificaat
General-purpose ACME client
Stars: ✭ 88 (+100%)
Mutual labels:  certificates
BastionGitHubBot
🚀 A GitHub bot to automate common tasks in GitHub.
Stars: ✭ 15 (-65.91%)
Mutual labels:  bastion
sscg
Simple Signed Certificate Generator
Stars: ✭ 57 (+29.55%)
Mutual labels:  certificates
Bastion
Java test library for HTTP APIs
Stars: ✭ 13 (-70.45%)
Mutual labels:  bastion
bunjil
A GraphQL bastion server with schema merging, authentication and authorization with Policy Based Access Control
Stars: ✭ 25 (-43.18%)
Mutual labels:  bastion
View All Similar Projects ➔

Bowser

Bowser is a modern, simple, and grokable SSH daemon built to act as a bastion and SSH certificate authority. Bastion provides users with a unobtrusive yet highly secure flow to SSH. Bowser was built at Discord.

Features

  • Three-Factor authentication using SSH keys, passwords, and TOTP
  • Automatic generation of signed SSH keys and certificates for access to proxied servers
  • Extensive logging to multiple outlets
  • Simple, auditable codebase

Usage

Example Config

{
  "bind": "0.0.0.0:22",
  "discord_webhooks": ["https://canary.discordapp.com/api/webhooks/255545515817566228/my_discord_webhook_token"]
}

Example Accounts

[
  {
    "username": "andrei",
    "password": "$2a$15$QWu4umMh.ZRd5RtrMNkY4e0N197Uha8poioQsEn5spjz5brU8FIRK",
    "ssh-keys": [
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCooBb+XKzBkDbr2qc1NM5iTRoaKXtjZPS0l9eOD+szEowHX5P+Ab4uvWcs6KUPcbITBZK60AN3Pi6mt5sTUQuqkFOGJolh6sDXpiBis7bkxQoDe11oOeHfBBHE5YfUaa7naLopN0cSXTkusY/ReNQDvIjQVjfmwoGA2pW96wV1oqnPDHz8HRUcHjfTdjovWY8xMRO0ZsHuavOdk8O+FYaD8BIO3i0bIa/tFe56Eme2FuCN77PgsHVA0HTzMAUGNpZU0zYsk8B5pjpQQyScSpE2ZfF2JqxcTl4KrnxWA3XtDtD3+lPR7ryWy+qDgrf9UxkuP7FEdIE6yD4lZdu0UdcD [email protected]"
    ],
    "mfa": {
      "totp": "AAAAAAAAAAAAAAAA"
    },
  }
]

Example SSH Config

Host bastion
  Hostname bastion.my.corp
  Port 22
  ControlMaster auto
  ControlPath /tmp/ssh-control-%r@%h:%p
  ControlPersist 30m

Host credit-card-database1
  Hostname credit-card-database1.my.corp
  ProxyCommand ssh -W %h:%p bastion

FAQ

OpenSSH fails with "no private key for certificate"

This is caused by this OpenSSH bug. Upgrade your version of OpenSSH to resolve.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].