GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → spoqa → Geofront

spoqa / Geofront

Licence: agpl-3.0
Simple SSH key management service

Programming Languages

python
139335 projects - #7 most used programming language

Labels

sshssh-key

Projects that are alternatives of or similar to Geofront

Geofront Cli
It provides a CLI client for Geofront, a simple SSH key management server.
Stars: ✭ 30 (-91.1%)
Mutual labels:  ssh, ssh-key
Ssh Agent Helper
Use SSH keys from CMD, PowerShell, etc. on Windows
Stars: ✭ 31 (-90.8%)
Mutual labels:  ssh, ssh-key
Cashier
A self-service CA for OpenSSH
Stars: ✭ 590 (+75.07%)
Mutual labels:  ssh, ssh-key
Ssh Permit A38
Central management and deployment for SSH keys
Stars: ✭ 451 (+33.83%)
Mutual labels:  ssh, ssh-key
Cedarkey
$2 hardware SSH keys storage
Stars: ✭ 148 (-56.08%)
Mutual labels:  ssh, ssh-key
Sshremotekeys
Managing SSH keys remotely to control access to hosts
Stars: ✭ 70 (-79.23%)
Mutual labels:  ssh, ssh-key
Ssh Vault
🌰 encrypt/decrypt using ssh keys
Stars: ✭ 277 (-17.8%)
Mutual labels:  ssh, ssh-key
Bastillion
Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys.
Stars: ✭ 2,730 (+710.09%)
Mutual labels:  ssh, ssh-key
Awesome Ssh
💻 A curated list of SSH resources.
Stars: ✭ 1,742 (+416.91%)
Mutual labels:  ssh, ssh-key
Lastpass Ssh
SSH key management with LastPass
Stars: ✭ 105 (-68.84%)
Mutual labels:  ssh, ssh-key
Ssh Ldap Pubkey
Utility to manage SSH public keys stored in LDAP.
Stars: ✭ 185 (-45.1%)
Mutual labels:  ssh, ssh-key
wsl-agent-bridge
WSL compatibility bridge for ssh-agent on Windows
Stars: ✭ 17 (-94.96%)
Mutual labels:  ssh, ssh-key
Pisth
SSH and SFTP client for iOS
Stars: ✭ 286 (-15.13%)
Mutual labels:  ssh
Autossh
Password-free automatic login SSH(免密登陆SSH)
Stars: ✭ 294 (-12.76%)
Mutual labels:  ssh
Deployr
A simple golang application to automate the deployment of software releases.
Stars: ✭ 282 (-16.32%)
Mutual labels:  ssh
Certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Stars: ✭ 3,693 (+995.85%)
Mutual labels:  ssh
Krypton Ios
Krypton turns your iOS device into a WebAuthn/U2F Authenticator: strong, unphishable 2FA.
Stars: ✭ 305 (-9.5%)
Mutual labels:  ssh
Aws Gate
Better AWS SSM Session manager CLI client
Stars: ✭ 294 (-12.76%)
Mutual labels:  ssh
Ssh Deploy
GitHub Action for deploying code via rsync over ssh
Stars: ✭ 272 (-19.29%)
Mutual labels:  ssh
Easyee
开源 JavaEE 企业级快速开发平台。提供了 Spring Boot, Struts2, Hibernate, MyBatis, Shiro, EasyUI 等技术,包含完整的权限管理系统等。提供自动化代码生成器。 Open source JaveEE enterprise-class rapid development of the basic platform. Integration of Spring Boot, Struts2, Hibernate, MyBatis, Shiro, EasyUI and other technologies, including the integrity of the rights management. Provides an automated code generator.
Stars: ✭ 275 (-18.4%)
Mutual labels:  ssh
View All Similar Projects ➔

Geofront

.. image:: https://badges.gitter.im/spoqa/geofront.svg :alt: Join the chat at https://gitter.im/spoqa/geofront :target: https://gitter.im/spoqa/geofront?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge

.. image:: https://badge.fury.io/py/Geofront.svg? :target: https://pypi.python.org/pypi/Geofront :alt: Latest PyPI version

.. image:: https://readthedocs.org/projects/geofront/badge/ :target: https://geofront.readthedocs.io/ :alt: Read the Docs

.. image:: https://travis-ci.org/spoqa/geofront.svg?branch=master :target: https://travis-ci.org/spoqa/geofront

.. image:: https://codecov.io/gh/spoqa/geofront/branch/master/graph/badge.svg :target: https://codecov.io/gh/spoqa/geofront

Geofront is a simple SSH key management server. It helps to maintain servers to SSH, and authorized_keys list for them. Read the docs__ for more details.

__ https://geofront.readthedocs.io/

Situations

  • If the team maintains authorized_keys list of all servers owned by the team:

    • When someone joins or leaves the team, all lists have to be updated.
    • Who do update the list?

  • If the team maintains shared private keys to SSH servers:

    • These keys have to be expired when someone leaves the team.
    • There should be a shared storage for the keys. (Dropbox? srsly?)
    • Everyone might need to add -i option to use team's own key.

  • The above ways are both hard to scale servers. Imagine your team has more than 10 servers.

Idea

  1. Geofront has its own master key. The private key is never shared. The master key is periodically and automatically regened.
  2. Every server has a simple authorized_keys list, which authorizes only the master key.
  3. Every member registers their own public key to Geofront. The registration can be omitted if the key storage is GitHub, Bitbucket, etc.
  4. A member requests to SSH a server, then Geofront temporarily (about 30 seconds, or a minute) adds their public key to authorized_keys of the requested server.

Prerequisites

  • Linux, BSD, Mac

  • Python 3.3+

  • Third-party packages (automatically installed together)

    • Paramiko_ 2.0.1+ (which requires cryptography_)
    • Werkzeug_ 0.11+
    • Flask_ 0.10.1+
    • Flask-Sockets_ 0.2.1+
    • gevent_ 1.1.2+
    • OAuthLib_ 1.1.1+
    • Apache Libcloud_ 1.1.0+
    • singledispatch_ (only if Python is older than 3.4)
    • typing_ (only if Python is older than 3.5)
    • typeguard_ 2.1.1+

.. _Paramiko: http://www.paramiko.org/ .. _cryptography: https://cryptography.io/ .. _Werkzeug: http://werkzeug.pocoo.org/ .. _Flask: http://flask.pocoo.org/ .. _Flask-Sockets: https://github.com/kennethreitz/flask-sockets .. _gevent: http://www.gevent.org/ .. _OAuthLib: https://github.com/idan/oauthlib .. _Libcloud: http://libcloud.apache.org/ .. _singledispatch: https://pypi.python.org/pypi/singledispatch .. _typing: https://pypi.python.org/pypi/typing .. _typeguard: https://github.com/agronholm/typeguard

Author and license

Geofront is written by Hong Minhee, maintained by Spoqa_, and licensed under AGPL3_ or later. You can find the source code from GitHub:

.. code-block:: console

$ git clone git://github.com/spoqa/geofront.git

__ https://hongminhee.org/ .. _Spoqa: http://www.spoqa.com/ .. _AGPL3: http://www.gnu.org/licenses/agpl-3.0.html __ https://github.com/spoqa/geofront

Missing features

  • Google Apps backend [#3_]
  • Fabric_ integration
  • PuTTY_ integration

(Contributions would be appreciated!)

.. _Fabric: http://www.fabfile.org/ .. _PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/ .. _#3: https://github.com/spoqa/geofront/issues/3

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].