# jumpserver/jumpserver **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/jumpserver-jumpserver).** 30,595 stars · 5,701 forks · Python · GPL-3.0 ## Links - GitHub: https://github.com/jumpserver/jumpserver - Homepage: https://jumpserver.com - awesome-repositories: https://awesome-repositories.com/repository/jumpserver-jumpserver.md ## Topics `bastion-host` `cyberark` `django` `jumpserver` `pam` `python` `ssh-server` `teleport` `terminal` ## Description JumpServer is a privileged access management platform designed to manage and audit secure access to SSH, RDP, Kubernetes, and database endpoints. It functions as a centralized gateway that brokers remote terminal and graphical sessions to isolate users from critical infrastructure. The system utilizes a web-based protocol gateway to translate remote connections into browser-compatible streams and a protocol-based proxy layer to isolate end-user devices from target assets. It incorporates security watermarking to deter unauthorized screen captures and provides a Kubernetes access gateway for controlling administrative cluster access. Identity governance is handled through integration with external directory services, multi-factor authentication, and biometric identity verification via facial recognition. The platform also includes access activity monitoring to track security events and session lifetime management to control user expiration. The application supports a pluggable database backend for managing system configuration and logs. ## Tags ### Security & Cryptography - [Privileged Access Management](https://awesome-repositories.com/f/security-cryptography/privileged-access-management.md) — Provides a centralized platform for securing and monitoring access to sensitive administrative accounts across various infrastructure endpoints. - [Session Brokering](https://awesome-repositories.com/f/security-cryptography/session-brokering.md) — Functions as a centralized gateway that brokers remote terminal and graphical sessions to isolate users from critical infrastructure. - [Database Access Control](https://awesome-repositories.com/f/security-cryptography/database-access-control.md) — Manages and monitors administrative connections to remote databases using a web-based interface and proxy layer. - [Proxy Gateways](https://awesome-repositories.com/f/security-cryptography/database-access-control/proxy-gateways.md) — Provides a web-based proxy to interface with, control, and monitor interactions with remote databases. ([source](https://github.com/jumpserver/jumpserver/blob/dev/readmes/README.ko.md)) - [Database Query Security](https://awesome-repositories.com/f/security-cryptography/database-query-security.md) — Intercepts and monitors database connections to ensure all queries are authenticated and audited. - [Identity and Access Management](https://awesome-repositories.com/f/security-cryptography/identity-and-access-management.md) — Integrates external directory services and multi-factor authentication to govern privileged system access. - [Remote Access Proxies](https://awesome-repositories.com/f/security-cryptography/remote-access-proxies.md) — Implements a protocol-based proxy layer to isolate users from critical infrastructure assets during remote sessions. ([source](https://github.com/jumpserver/jumpserver/blob/dev/README.md)) - [Secure Database Access](https://awesome-repositories.com/f/security-cryptography/secure-database-access.md) — Establishes secure sessions to database endpoints using a web-based interface and proxy connectors. ([source](https://github.com/jumpserver/jumpserver/blob/dev/readmes/README.zh-hans.md)) - [Infrastructure Isolation Proxies](https://awesome-repositories.com/f/security-cryptography/secure-proxy-infrastructure/infrastructure-isolation-proxies.md) — Routes SSH, RDP, and database connections through a secure proxy to isolate end-user devices from target assets. - [Protocol Proxies](https://awesome-repositories.com/f/security-cryptography/secure-ssh-access/protocol-proxies.md) — Implements a secure gateway that brokers SSH and RDP sessions to isolate users from critical infrastructure. - [Biometric Authentication](https://awesome-repositories.com/f/security-cryptography/biometric-authentication.md) — Provides identity verification using facial recognition services to secure access to infrastructure. - [Biometric Face Verification](https://awesome-repositories.com/f/security-cryptography/biometric-face-verification.md) — Uses facial recognition to authenticate users before granting access to privileged systems. ([source](https://github.com/jumpserver/jumpserver/blob/dev/readmes/README.zh-hans.md)) - [Identity Provider Integrations](https://awesome-repositories.com/f/security-cryptography/identity-provider-integrations.md) — Synchronizes user identities and group memberships from external directory services. ([source](https://github.com/jumpserver/jumpserver/blob/dev/config_example.yml)) - [Identity Synchronization](https://awesome-repositories.com/f/security-cryptography/identity-synchronization.md) — Automates the synchronization of user identities from external directory services to maintain consistent authentication. - [Multi-Factor Authentication](https://awesome-repositories.com/f/security-cryptography/multi-factor-authentication.md) — Secures account access by requiring one-time passwords or facial recognition during login. ([source](https://github.com/jumpserver/jumpserver/blob/dev/config_example.yml)) - [Browser-Based Streaming](https://awesome-repositories.com/f/security-cryptography/remote-access-management/browser-based-streaming.md) — Offers a centralized web portal for launching and streaming remote sessions for various operating environments directly to the browser. ([source](https://github.com/jumpserver/jumpserver/blob/dev/readmes/README.zh-hans.md)) ### DevOps & Infrastructure - [Access Gateways](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-cluster-management/access-gateways.md) — Provides a management layer for controlling and auditing administrative access to Kubernetes clusters via a web interface. ### Networking & Communication - [Protocol Isolation Layers](https://awesome-repositories.com/f/networking-communication/protocol-abstraction-layers/protocol-isolation-layers.md) — Routes traffic through dedicated connectors to isolate user devices from target infrastructure endpoints. - [Remote Desktop Streaming](https://awesome-repositories.com/f/networking-communication/remote-desktop-streaming.md) — Launches and manages secure sessions for remote applications and graphical interfaces directly within a web browser. ### Operating Systems & Systems Programming - [Web-Based Terminal Gateways](https://awesome-repositories.com/f/operating-systems-systems-programming/terminal-command-line-environments/terminal-management/terminal-session-managers/web-based-terminal-gateways.md) — Translates SSH, RDP, and database protocols into web-compatible streams for browser-based access. ### System Administration & Monitoring - [Remote Desktop Environments](https://awesome-repositories.com/f/system-administration-monitoring/remote-desktop-environments.md) — Provides browser-based remote desktop and streaming solutions that isolate end-user devices from critical infrastructure. ([source](https://github.com/jumpserver/jumpserver/blob/dev/readmes/README.pt-br.md)) - [System Activity Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/system-activity-monitoring.md) — Tracks and visualizes system operations and security events through integrated monitoring dashboards. ([source](https://github.com/jumpserver/jumpserver/blob/dev/README.md)) ### User Interface & Experience - [Media Watermarking Tools](https://awesome-repositories.com/f/user-interface-experience/content-rendering-components/image-overlays/media-watermarking-tools.md) — Injects dynamic identifiers onto the interface to deter unauthorized screen captures of privileged sessions.