56 Repos
Authentication and authorization for SSH connections using identity-based credentials.
Distinguishing note: Focuses on SSH-specific identity integration.
Explore 56 awesome GitHub repositories matching security & cryptography · Secure SSH Access. Refine with filters or upvote what's useful.
Dieses Projekt ist ein von der Community kuratiertes Verzeichnis von Open-Source-Software, die für den Einsatz in privaten Serverumgebungen und Home-Labs konzipiert ist. Es dient als umfassende Ressource zur Entdeckung unabhängiger, selbst gehosteter Alternativen zu gängigen Cloud-Diensten und ermöglicht es Nutzern, die volle Datenhoheit und Kontrolle über ihre digitale Infrastruktur zu behalten. Das Verzeichnis ist durch eine hierarchische Taxonomie strukturiert, die eine riesige Sammlung von Anwendungen in logische Kategorien organisiert, von Medienmanagement und Datenanalyse bis hin zu privater Kommunikation und Tools für die Teamproduktivität. Es zeichnet sich durch einen kollaborativen Peer-Review-Prozess aus, bei dem Community-Mitglieder die Qualität und Relevanz jeder Einreichung validieren, um sicherzustellen, dass das Verzeichnis korrekt und zuverlässig bleibt. Das Projekt deckt ein breites Spektrum an Fähigkeiten ab, einschließlich Infrastruktur-Automatisierung, containerbasierter Service-Bereitstellung und deklarativem Konfigurationsmanagement. Diese Tools unterstützen Nutzer bei der Aufrechterhaltung reproduzierbarer Serverumgebungen und der Verwaltung komplexer Service-Abhängigkeiten auf privater Hardware. Das Verzeichnis wird als versionskontrolliertes Repository gepflegt, wodurch sichergestellt wird, dass alle Updates und Community-gesteuerten Änderungen nachverfolgt und transparent sind.
Provides a bastion server to manage SSH access with session recording and hardware-backed key protection.
Daytona is a cloud-native development environment platform designed to orchestrate ephemeral, containerized workspaces. It provides a centralized system for managing reproducible coding environments as code, ensuring consistency across distributed teams by abstracting the underlying infrastructure. By utilizing declarative configuration, the platform automates the entire lifecycle of development sandboxes, from initial provisioning to resource governance. The platform distinguishes itself through its infrastructure-agnostic runner layer, which allows development environments to be deployed ac
Provides secure, token-authenticated SSH access to isolated development sandboxes.
Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules. What distinguishes Tailscale is it
Authenticates and authorizes secure shell connections using existing identity credentials.
JumpServer is a privileged access management platform designed to manage and audit secure access to SSH, RDP, Kubernetes, and database endpoints. It functions as a centralized gateway that brokers remote terminal and graphical sessions to isolate users from critical infrastructure. The system utilizes a web-based protocol gateway to translate remote connections into browser-compatible streams and a protocol-based proxy layer to isolate end-user devices from target assets. It incorporates security watermarking to deter unauthorized screen captures and provides a Kubernetes access gateway for c
Implements a secure gateway that brokers SSH and RDP sessions to isolate users from critical infrastructure.
Vagrant is a virtual machine environment manager and infrastructure as code tool used to create and configure consistent development environments. It acts as a virtual machine provisioner and hypervisor abstraction layer, allowing users to define machine specifications and automate software installation on guest systems via declarative configuration files. The project enables cross-hypervisor orchestration by decoupling the command interface from specific virtualization backends. It ensures environment consistency through the distribution of pre-configured machine images and the orchestration
Establishes secure shell access between host and guest machines using public and private keypairs.
NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
Automates the generation of SSH configuration files to facilitate secure, identity-based host access.
cmux is a GPU-accelerated terminal emulator and workspace manager designed for coordinating multiple concurrent AI coding agents. It functions as an orchestration terminal that uses scriptable workspaces and split panes to manage parallel AI agent workflows, while also serving as a headless browser automation tool and a remote development relay. The project differentiates itself through a programmatic control plane using a Unix domain socket and CLI, allowing for the automated management of terminal layouts and input delivery. It features an integrated web engine for programmatic DOM manipula
Transmits terminal data and commands over SSH using a background daemon to maintain connectivity.
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Connects users to remote hosts via terminal over a private tunnel using friendly aliases.
This project provides a complete Linux environment for mobile devices by emulating an x86 architecture and translating system calls into native mobile operations. It functions as a terminal emulator that allows users to run standard command-line utilities, manage software packages, and execute unmodified Linux binaries directly on their mobile hardware. The environment distinguishes itself through its ability to maintain persistent background execution, preventing the mobile operating system from suspending shell tasks or active processes. It supports a containerized approach to the root file
Enables remote access to the mobile Linux environment by running a secure shell daemon.
kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations. The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serve
Manages secure shell access to nodes by configuring public keys and restricting source IP addresses.
Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru
Facilitates secure remote server management via SSH public key authentication.
Fabric is a command-line interface and framework designed to integrate artificial intelligence reasoning into shell-based workflows. It functions as an orchestration tool that connects local data pipelines to remote artificial intelligence services, allowing users to automate content analysis and complex reasoning tasks directly from the terminal. The project distinguishes itself through a modular architecture that treats prompt patterns as version-controlled, reusable logic stored on the local filesystem. By utilizing standard input and output streams, it enables users to chain these analyti
Authenticates remote sessions using SSH keys or agents to establish secure administrative access.
Coder is a self-hosted platform for provisioning and managing isolated, containerized development environments. It provides a centralized infrastructure for teams to deploy ephemeral workspaces on private cloud or on-premises hardware, ensuring consistent toolchains and dependencies across distributed development environments. The platform distinguishes itself through its focus on secure, infrastructure-as-code governance and autonomous agent integration. It allows organizations to define reusable, versioned environment templates that integrate with existing identity providers and role-based
Configures local SSH clients to securely access remote workspaces using generated key pairs and optimized network paths.
Spug is a web-based agentless SSH management platform used for executing remote commands and managing servers without requiring the installation of agent software on target machines. It serves as a centralized operations suite that integrates remote command execution, task scheduling, configuration management, health monitoring, and application deployment. The platform differentiates itself through a browser-based SSH terminal and jump box, providing direct interactive shell access to remote hosts without a local client. It also features a remote file manager for bidirectional file transfers
Enables remote server terminal access directly through a web browser without needing a local SSH client.
GitBucket is a self-hosted Git hosting platform and forge designed for managing private repositories. Built with the Scala language, it provides a web interface for version control and is implemented as a server compatible with the GitHub API to ensure integration with existing third-party tools. The platform allows for customization of the version control environment through a plugin-based extension model, enabling the installation of third-party plugins to add specialized features. Its capability surface covers software project management via integrated issue trackers, pull requests, and w
Provides secure SSH access for encrypted pushing and pulling of repository code.
Phusion/baseimage-docker is a minimal Ubuntu-based Docker base image that includes a proper init system for managing multiple services and processes inside a single container. It provides a lightweight init process that reaps zombie processes, forwards stop signals for graceful shutdown, and supervises daemons through runit, restarting them automatically if they crash. The image includes a preconfigured OpenSSH server restricted to public-key authentication for secure shell access to running containers, along with a cron daemon for scheduling recurring tasks. It supports ordered startup scrip
Provides a preconfigured OpenSSH server restricted to public-key authentication for secure container shell access.
OrbStack is a native macOS application that replaces Docker Desktop, providing an all-in-one environment for running Docker containers, full Linux virtual machines, and local Kubernetes clusters. It runs Linux VMs directly on the macOS hypervisor framework for near-native performance, uses VirtioFS for fast bidirectional file sharing between macOS and Linux, and leverages Rosetta for near-native x86 emulation on Apple Silicon. The system assigns predictable local domain names to containers and VMs with automatic HTTPS certificate generation, forwards ports via event-driven updates, and stores
Connects to a running Linux machine over SSH using a simple alias, with agent forwarding enabled.
Gitolite ist eine serverseitige Verwaltungsschicht für selbst gehostete Git-Repositories, die Repository-Einstellungen und Benutzerzugriffe über SSH-Public-Keys orchestriert. Es fungiert als Konfigurations-Orchestrator für Git, der auf einem zentralen Linux-Server Repository-Regeln und Benutzerrollen anwendet, um den Lebenszyklus gehosteter Versionskontrolldaten zu verwalten. Das System zeichnet sich durch sein Git-basiertes Verwaltungsmodell aus, bei dem alle Benutzer und Zugriffsregeln in einem dedizierten Git-Repository gespeichert sind, das als Single Source of Truth dient. Dies ermöglicht es Serveradministratoren, die Hosting-Umgebung durch das Pushen von Konfigurationsänderungen in dieses administrative Repository zu verwalten. Das Projekt bietet eine granulare Zugriffskontrolle und nutzt musterbasierten Abgleich, um Berechtigungen für bestimmte Branches und Tags einzuschränken oder zu erteilen. Es umfasst Funktionen zur Organisation von Benutzern und Repositories in Gruppen und bietet eine eingeschränkte Schnittstelle zur Ausführung administrativer Aufgaben und zur Abfrage des Serverstatus über SSH, ohne dass ein vollständiger Shell-Zugriff erforderlich ist.
Executes remote administrative commands and queries server status over SSH without a full shell session.
This is an open-source educational website that translates and localizes MIT's Missing Semester course, teaching practical computing skills for computer science students. The curriculum covers developer tooling, shell scripting, version control, security fundamentals, and open-source collaboration, with a focus on core computing skills including data processing pipelines, workflow automation, secure remote access, shell productivity, Vim editing, and Git version control. The project distinguishes itself by teaching command-line mastery, shell scripting, and automation to boost daily developer
Teaches logging into remote servers via SSH for command execution and file transfers.
OpenMediaVault is a Debian-based network attached storage (NAS) operating system that turns a computer into a dedicated storage appliance, managed entirely through a browser-based control panel. It provides a unified configuration interface for managing file sharing protocols, RAID arrays, user permissions, and network services, with extensibility through a modular plugin system that adds new capabilities without modifying the core installation. The platform supports setup and management of multiple RAID levels for data redundancy or performance, and exposes file storage over protocols includ
Provides secure remote terminal access and file transfer over the SSH protocol.