awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

7 Repos

Awesome GitHub RepositoriesIdentity-Based SSH Access

SSH access management using centralized identity providers instead of static keys.

Distinguishing note: Focuses on identity-driven SSH rather than generic key management.

Explore 7 awesome GitHub repositories matching security & cryptography · Identity-Based SSH Access. Refine with filters or upvote what's useful.

Awesome Identity-Based SSH Access GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • awesome-selfhosted/awesome-selfhostedAvatar von awesome-selfhosted

    awesome-selfhosted/awesome-selfhosted

    299,516Auf GitHub ansehen↗

    Dieses Projekt ist ein von der Community kuratiertes Verzeichnis von Open-Source-Software, die für den Einsatz in privaten Serverumgebungen und Home-Labs konzipiert ist. Es dient als umfassende Ressource zur Entdeckung unabhängiger, selbst gehosteter Alternativen zu gängigen Cloud-Diensten und ermöglicht es Nutzern, die volle Datenhoheit und Kontrolle über ihre digitale Infrastruktur zu behalten. Das Verzeichnis ist durch eine hierarchische Taxonomie strukturiert, die eine riesige Sammlung von Anwendungen in logische Kategorien organisiert, von Medienmanagement und Datenanalyse bis hin zu privater Kommunikation und Tools für die Teamproduktivität. Es zeichnet sich durch einen kollaborativen Peer-Review-Prozess aus, bei dem Community-Mitglieder die Qualität und Relevanz jeder Einreichung validieren, um sicherzustellen, dass das Verzeichnis korrekt und zuverlässig bleibt. Das Projekt deckt ein breites Spektrum an Fähigkeiten ab, einschließlich Infrastruktur-Automatisierung, containerbasierter Service-Bereitstellung und deklarativem Konfigurationsmanagement. Diese Tools unterstützen Nutzer bei der Aufrechterhaltung reproduzierbarer Serverumgebungen und der Verwaltung komplexer Service-Abhängigkeiten auf privater Hardware. Das Verzeichnis wird als versionskontrolliertes Repository gepflegt, wodurch sichergestellt wird, dass alle Updates und Community-gesteuerten Änderungen nachverfolgt und transparent sind.

    Manages remote server access through bastion hosts that provide session recording and identity verification.

    awesomeawesome-listcloud
    Auf GitHub ansehen↗299,516
  • tailscale/tailscaleAvatar von tailscale

    tailscale/tailscale

    32,596Auf GitHub ansehen↗

    Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules. What distinguishes Tailscale is it

    Manages secure shell connections using existing identity providers to eliminate manual key distribution.

    Go2faoauthsso
    Auf GitHub ansehen↗32,596
  • netbirdio/netbirdAvatar von netbirdio

    netbirdio/netbird

    26,188Auf GitHub ansehen↗

    NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce

    Maps remote SSH sessions to specific user identities via OIDC or network policies to control access to operating system accounts.

    Gogolangmeshmesh-networks
    Auf GitHub ansehen↗26,188
  • smallstep/certificatesAvatar von smallstep

    smallstep/certificates

    8,245Auf GitHub ansehen↗

    This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider

    Replaces static SSH keys with short-lived certificates tied to identity providers for secure remote shell access.

    Goacmeacme-serverca
    Auf GitHub ansehen↗8,245
  • warp-tech/warpgateAvatar von warp-tech

    warp-tech/warpgate

    6,578Auf GitHub ansehen↗

    Warpgate is an SSH bastion host that authenticates users and proxies connections to internal servers while recording all session activity. It is distributed as a single standalone binary with no runtime dependencies, stores configuration and session data in a local SQLite database by default, and supports role-based access control to determine which users can reach which targets. The bastion verifies identity through a configurable chain of authentication methods including passwords, one-time codes, single sign-on, and time-limited ticket tokens. It captures and stores SSH session activity as

    Issues revocable, time-limited tokens for temporary SSH access to specific targets.

    Rustbastionbastion-hosthttps
    Auf GitHub ansehen↗6,578
  • pomerium/pomeriumAvatar von pomerium

    pomerium/pomerium

    4,854Auf GitHub ansehen↗

    Pomerium is an identity-aware reverse proxy designed to provide zero-trust access control for internal infrastructure. It functions as a centralized gateway that verifies user identity, device context, and group membership for every request before granting access to protected applications, services, or API servers. By integrating directly with external identity providers, it replaces traditional VPNs with granular, policy-based access enforcement. The platform distinguishes itself by extending zero-trust principles beyond standard web traffic to include non-HTTP protocols, such as TCP and UDP

    Secures remote server access by authenticating users via identity providers and replacing static SSH keys with ephemeral certificates.

    Go
    Auf GitHub ansehen↗4,854
  • octelium/octeliumAvatar von octelium

    octelium/octelium

    3,371Auf GitHub ansehen↗

    Octelium is a zero-trust network access platform and identity-aware proxy designed to secure private HTTP, SSH, and SQL resources. It functions as a secure gateway that validates human and workload identities using OIDC, SAML, and FIDO2 passkeys before granting access to internal applications and SaaS APIs. The system is distinguished by its secretless access broker, which injects credentials—such as API keys, passwords, and AWS Sigv4 signatures—at the gateway level so users can access databases and cloud resources without managing secrets. It further specializes in AI gateway administration,

    Provides secure SSH access to the host machine using centralized identity providers.

    Goabacai-gatewayapi-gateway
    Auf GitHub ansehen↗3,371
  1. Home
  2. Security & Cryptography
  3. Identity-Based SSH Access

Unter-Tags erkunden

  • Ephemeral Access TokensIssues revocable, time-limited tokens that grant temporary SSH access to specific targets without permanent accounts. **Distinct from Identity-Based SSH Access:** Distinct from Identity-Based SSH Access: focuses on ephemeral ticket-based access rather than persistent identity provider integration.