awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

89 repositorios

Awesome GitHub RepositoriesPublic Key Authentication

Mechanisms for verifying identity using cryptographic key pairs and signatures.

Distinct from Authentication and Keys: Candidates were too focused on API keys or external verifiers rather than the SSH public key handshake.

Explore 89 awesome GitHub repositories matching security & cryptography · Public Key Authentication. Refine with filters or upvote what's useful.

Awesome Public Key Authentication GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • linsa-io/linsa.ioAvatar de linsa-io

    linsa-io/linsa.io

    16,880Ver en GitHub↗

    Linsa.io is an end-to-end encrypted cloud storage service and zero-knowledge data vault. It functions as a private content sharing platform that encrypts files and data on the client side, ensuring only the owner can access the stored content. The project employs a local-first approach, processing data updates and encryption on the local device before syncing encrypted blobs to a remote persistence layer. It uses a zero-knowledge architecture where the service provider cannot access decryption keys or view the plaintext content of stored files. The platform provides capabilities for private

    Verifies user identities using cryptographic key pairs to establish secure sessions without passwords.

    TypeScript
    Ver en GitHub↗16,880
  • kubernetes/kopsAvatar de kubernetes

    kubernetes/kops

    16,631Ver en GitHub↗

    kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations. The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serve

    Marks specific keypairs as distrusted to prevent their use for authentication within the cluster.

    Gocncfcontainersgo
    Ver en GitHub↗16,631
  • apache/predictionioAvatar de apache

    apache/predictionio

    12,522Ver en GitHub↗

    PredictionIO is a machine learning server designed for the deployment of predictive models to transform raw data into actionable predictions. It manages the full lifecycle of machine learning operations, from ingesting event data via APIs to hosting production-ready predictive services for real-time inference. The system supports distributed model training by spreading computational workloads across a cluster of nodes to increase processing speed. It enables the implementation of custom prediction engines using programming languages or the application of pre-built model templates for common t

    Uses public key signatures to validate the authenticity and integrity of project source code.

    Scala
    Ver en GitHub↗12,522
  • vanhauser-thc/thc-hydraAvatar de vanhauser-thc

    vanhauser-thc/thc-hydra

    11,943Ver en GitHub↗

    Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f

    Tests lists of usernames and private key files against remote SSH servers to identify valid pairs.

    C
    Ver en GitHub↗11,943
  • canopy-network/canopyAvatar de canopy-network

    canopy-network/canopy

    11,413Ver en GitHub↗

    Canopy is the official Go implementation of a blockchain node that runs a recursive network architecture, enabling new blockchains to launch as dependent layers that can later graduate into fully independent security roots. The project provides a hybrid consensus mechanism that combines Byzantine fault-tolerant Proof-of-Stake with Verifiable-Delay Functions, delivering instant finality while protecting against long-range attacks through trustless chain age verification. Validators secure multiple chains simultaneously through restaking, where a single bonded stake serves as collateral across t

    Fetches public and encrypted private keys via the admin RPC for local development and testing.

    Goauto-scaling-architecturelayerless-blockchain-creatormesh-security-provider
    Ver en GitHub↗11,413
  • nostr-protocol/nostrAvatar de nostr-protocol

    nostr-protocol/nostr

    11,414Ver en GitHub↗

    Nostr is a decentralized social protocol and censorship-resistant messaging standard. It operates as a distributed event relay network where user identities are defined by public-key cryptography rather than centralized account databases. The protocol enables the exchange of cryptographically signed messages across a network of independent relays. This system allows for the broadcasting of signed notes to multiple servers to ensure content availability and permanence, while using public-key pairs to prove authorship and authenticity without a central registry. The system covers distributed c

    Uses cryptographic public keys as unique user identifiers, eliminating the need for centralized account databases.

    Ver en GitHub↗11,414
  • paramiko/paramikoAvatar de paramiko

    paramiko/paramiko

    9,779Ver en GitHub↗

    Paramiko is a pure-Python implementation of the SSH2 protocol, providing a library for making secure network connections and executing remote commands. It serves as a programmatic interface for establishing encrypted communication tunnels and managing remote sessions. The project includes a full SSH server framework, allowing applications to host a secure shell server and define server-side access configurations directly within Python. It also provides a dedicated SFTP client library for secure file transfers and remote filesystem management. The library covers remote infrastructure automati

    Implements the cryptographic handshake for key-based authentication without password transmission.

    Python
    Ver en GitHub↗9,779
  • bluesky-social/atprotoAvatar de bluesky-social

    bluesky-social/atproto

    9,474Ver en GitHub↗

    atproto is a decentralized social networking protocol implementation and a schema-driven API framework. It provides the networking and data standards required to build interoperable social networks where users control their own identity and data through a personal data server specification. The project distinguishes itself through a DID-based identity system for managing cryptographic keys and verifiable profiles, alongside a lexicon-based protocol definition that uses versioned schemas to ensure consistency across network services. It utilizes Merkle Search Trees for verifiable data storage,

    Converts public keys into strings that include the metadata required for decentralized identification.

    TypeScript
    Ver en GitHub↗9,474
  • irungentoo/toxcoreI

    irungentoo/toxcore

    8,751Ver en GitHub↗

    Toxcore is a peer-to-peer networking library that implements a decentralized communication protocol for secure messaging and media calls without the use of central servers. It provides a core engine for establishing direct encrypted connections between devices using a public-key identity system where unique identifiers serve as both addresses and authentication keys. The project features a decentralized network architecture that utilizes a distributed hash table for peer discovery and Kademlia-based routing to locate participants. To maintain connectivity across restrictive network environmen

    Employs a public-key identity system where unique cryptographic identifiers serve as both network addresses and authentication keys.

    C
    Ver en GitHub↗8,751
  • teamhanko/hankoAvatar de teamhanko

    teamhanko/hanko

    8,801Ver en GitHub↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Provides a JWKS mechanism to retrieve public keys for validating signed identity tokens.

    Go2faauthenticationciam
    Ver en GitHub↗8,801
  • judasn/linux-tutorialAvatar de judasn

    judasn/Linux-Tutorial

    8,730Ver en GitHub↗

    This is a practical, step-by-step guide to Linux system administration, command-line usage, and development environment setup, written from the perspective of a Java developer. The tutorial is structured as a sequence of terminal commands with explanations, teaching system administration through direct modification of plain-text configuration files. It provides separate workflows for CentOS, Ubuntu, and Kali Linux, covering both yum and apt package managers with equivalent commands for each operation. The guide emphasizes a security-first workflow, walking through firewall configuration, SSH

    Teaches how to manually upload a public key to a remote server and append it to authorized_keys.

    Shellcentoselasticsearchfastdfs
    Ver en GitHub↗8,730
  • dat-ecosystem/datAvatar de dat-ecosystem

    dat-ecosystem/dat

    8,231Ver en GitHub↗

    Dat is a peer-to-peer file synchronization tool that combines an append-only, hash-addressed log with Merkle tree verification, cryptographic access keys, live streaming replication, and swarm networking for sparse, versioned file sharing. It stores file data and metadata in a cryptographically signed, versioned append-only log where each entry is identified by its hash, and uses public-key cryptography to secure archives with separate read and write keys. The tool enables live streaming replication of data between peers as entries are appended, with Merkle tree integrity verification that su

    Secures archives with public-key cryptography, requiring separate read and write keys for access control.

    JavaScriptcommand-linedatdat-node
    Ver en GitHub↗8,231
  • smallstep/certificatesAvatar de smallstep

    smallstep/certificates

    8,245Ver en GitHub↗

    This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider

    Retrieves public keys from certificates to facilitate signature verification and data encryption.

    Goacmeacme-serverca
    Ver en GitHub↗8,245
  • pocket-id/pocket-idAvatar de pocket-id

    pocket-id/pocket-id

    8,185Ver en GitHub↗

    Pocket ID is a self-hosted OpenID Connect (OIDC) identity provider that replaces traditional passwords with passkey-based authentication using WebAuthn public-key cryptography. It runs as a standalone service on user-managed infrastructure, eliminating shared secrets entirely by authenticating users through passkeys instead of passwords. The project distinguishes itself through security-hardened deployment patterns, including distroless container images, non-root user execution, and read-only root filesystems to reduce the attack surface. It supports configurable token signing algorithms (RSA

    Authenticates users using WebAuthn public-key cryptography instead of passwords, eliminating shared secrets.

    Goidpoidcpasskeys
    Ver en GitHub↗8,185
  • estrellaxd/auto_bangumiAvatar de EstrellaXD

    EstrellaXD/Auto_Bangumi

    8,097Ver en GitHub↗

    Auto Bangumi is an automated anime downloader that subscribes to RSS feeds and downloads new episodes as they are released, then renames and organizes the files into a media-library-friendly structure. The application is packaged as a Docker container for straightforward deployment and provides a browser-based interface for managing RSS feeds, downloader settings, and subscription rules. The tool distinguishes itself through several integrated capabilities. It includes a calendar-based subscription view that displays subscribed anime according to broadcast schedules, and a mid-season catch-up

    Uses WebAuthn standard for passwordless login via registered passkeys, issuing tokens for session management.

    Pythonanimeauto-downloaderdocker
    Ver en GitHub↗8,097
  • linkedin/school-of-sreAvatar de linkedin

    linkedin/school-of-sre

    8,093Ver en GitHub↗

    This project is a comprehensive educational resource and curriculum focused on site reliability engineering, distributed systems, and infrastructure operations. It provides technical guides, a systems engineering course, and instructional manuals designed to teach the principles of managing large-scale computing environments. The curriculum covers high-level architectural design for scalability and resilience, including fault-tolerant infrastructure, high-availability patterns, and microservices decomposition. It emphasizes the practical application of site reliability engineering through the

    Instructs on setting up public and private key pairs for secure, automated remote logins.

    HTMLgithadooplinux
    Ver en GitHub↗8,093
  • n0-computer/irohAvatar de n0-computer

    n0-computer/iroh

    7,858Ver en GitHub↗

    Iroh is a peer-to-peer networking stack and distributed system designed for secure direct connections, content-addressed storage, and synchronized data sharing. It provides a foundation for decentralized applications by combining a QUIC-based networking layer with primitives for distributed state and data transfer. The project distinguishes itself through a comprehensive suite of decentralized capabilities, including a distributed data store using conflict-free replicated data types for collaborative synchronization and a content-addressed storage system for verifiable, resumable transfers of

    Encrypts and authenticates all network traffic using public-key pairs to ensure secure communication.

    Rustdoes-anyone-read-thesememesp2p
    Ver en GitHub↗7,858
  • cryptpad/cryptpadAvatar de cryptpad

    cryptpad/cryptpad

    7,739Ver en GitHub↗

    CryptPad is a self-hosted, zero-knowledge office suite designed for real-time collaborative editing and content management. It provides a privacy-centric infrastructure where documents, files, and notes are encrypted in the browser before transmission, ensuring that the server administrator cannot access the underlying data. The platform implements zero-knowledge user authentication, utilizing cryptographic keys to verify identities so that plain text passwords are never stored on the server. To further isolate sensitive operations, the system employs a security architecture that separates th

    Implements identity verification using cryptographic key pairs to eliminate the need for server-side password storage.

    JavaScriptchainpadcollaborationcollaborative-editing
    Ver en GitHub↗7,739
  • mystenlabs/suiAvatar de MystenLabs

    MystenLabs/sui

    7,612Ver en GitHub↗

    Sui is a blockchain platform featuring an object-centric state model and resource-oriented smart contracts. It utilizes parallel transaction execution to increase network throughput and supports programmable transaction blocks that bundle multiple operations into single atomic units. The platform distinguishes itself with a capability-based access control system and zero-knowledge login mechanisms, enabling users to authenticate via identity providers without seed phrases. It also implements deterministic object addressing to allow predictable state lookups and supports the creation of soulbo

    Sui generates new keypairs with various schemes and tracks active addresses used for network transactions.

    Rustblockchaindistributed-ledger-technologymove
    Ver en GitHub↗7,612
  • rustls/rustlsAvatar de rustls

    rustls/rustls

    7,470Ver en GitHub↗

    rustls is a memory-safe implementation of the Transport Layer Security protocol written in Rust. It provides a cryptographic stack for secure network communication, supporting both TLS 1.3 and 1.2 standards for client and server implementations. The project is designed as a modular cryptographic library that allows swapping underlying cryptographic backends and primitive providers to meet specific security or performance requirements. It incorporates a post-quantum cryptography stack, utilizing hybrid key exchanges and signatures to protect data against future quantum computing threats. The

    Verifies identity using raw public keys instead of full certificates to establish secure network connections.

    Rustcryptographyrustssl
    Ver en GitHub↗7,470
Ant.1234…5Siguiente
  1. Home
  2. Security & Cryptography
  3. Public Key Authentication

Explorar subetiquetas

  • Asymmetric Identity SystemsSystems where public-private key pairs define the network address and authentication identity. **Distinct from Public Key Authentication:** Focuses on the use of keys as network addresses, not just for authenticating a session.
  • Cloud Key ImportersMechanisms for uploading SSH public keys to cloud provider key management systems for instance authentication. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: covers the provider-side import step, not the authentication handshake itself.
  • Fingerprint-Based Identity SystemsIdentifies and authenticates users by their SSH public key fingerprints for persistent identities and role-based access. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: focuses on using key fingerprints as persistent user identities rather than just verifying signatures during authentication.
  • Human-Readable Address AliasingMapping of complex cryptographic addresses to human-readable names for simplified referencing. **Distinct from Identity Addressing:** Distinct from Identity Addressing: focuses on user-defined aliases for hexadecimal addresses rather than the underlying cryptographic identity mapping.
  • Identity Addressing4 sub-etiquetasMapping network identities to cryptographic public keys instead of physical network addresses. **Distinct from Public Key Authentication:** Focuses on using keys as network addresses/identifiers rather than just verifying an authentication handshake
  • Identity Key AttestationsCryptographic signs that bind specific public keys to identities for secure channel authentication. **Distinct from Device Attestation:** Focuses on binding keys to identities for authentication, whereas Device Attestation focuses on hardware integrity.
  • Key Distribution Methods1 sub-etiquetaTechniques for associating public keys with identities, including trust on first use and web of trust. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: covers the distribution and trust establishment of keys, not the verification handshake itself.
  • Public Key Retrieval9 sub-etiquetasMechanisms for fetching the public keys necessary to verify digital signatures. **Distinct from Public Key Authentication:** Focuses on the retrieval of keys for verification rather than the full authentication handshake
  • Public Key Verifiers3 sub-etiquetasValidates signatures on container images or artifacts against specified public keys to confirm signer identity and content integrity. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: focuses on verifying artifact signatures, not general identity authentication.
  • Public-Key Access Control12 sub-etiquetasManaging access to encrypted resources by associating them with specific cryptographic public keys. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: focuses on controlling access to data based on key ownership rather than identity verification via signatures.
  • Remote Key CopiesTransfers a public key to a remote server's authorized_keys file for automated authentication. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: focuses on the remote copy operation, not the authentication handshake.
  • SSH Key Authenticated ChatsChat servers that authenticate users via their SSH public keys for identity verification. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: focuses on using SSH public keys specifically for chat session authentication, not general identity verification.
  • Signature VerifiersComponents that verify digital signatures on inbound requests using public keys. **Distinct from Public Key Authentication:** Specifically targets request authenticity verification via signatures rather than the general SSH-style handshake.
  • Token Signature VerifiersMiddleware that verifies the authenticity of identity tokens using digital signatures and public keys. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: specifically targets the verification of inbound HTTP request tokens via middleware.
  • WebAuthn Authentications2 sub-etiquetasAuthenticates users using WebAuthn public-key cryptography instead of passwords, eliminating shared secrets. **Distinct from Public Key Authentication:** Distinct from Public Key Authentication: specifically uses the WebAuthn protocol for browser-based passkey authentication.