30 open-source projects similar to sshnet/ssh.net, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best SSH.NET alternative.
ssh2 is a JavaScript implementation of the SSH2 protocol for Node.js, providing the core components necessary to create secure clients and servers. It enables the establishment of authenticated sessions for remote server automation and secure communication. The project distinguishes itself by providing a complete suite of tools for identity management, including utilities for generating and parsing cryptographic key pairs and integrating with external authentication agents. It also functions as a tunneling proxy capable of routing TCP, HTTP, X11, and SOCKSv5 network traffic through encrypted
This project is a Go library and framework for implementing the SSH protocol. It provides a toolkit for building custom SSH servers, managing encrypted connections, and handling remote command execution. The implementation focuses on flexible session management through callback-based handling and a pluggable authentication system that supports passwords, public keys, and certificates. It includes mechanisms for secure network tunneling, including local and reverse port forwarding for TCP and Unix domain socket traffic. The library covers a broad range of protocol capabilities, including cryp
Sish is a reverse SSH proxy and tunneling server designed to expose local services to the internet. It functions as an SSH tunneling proxy that routes HTTP, WebSocket, and TCP traffic from a remote server to a local machine, enabling the creation of public URLs for local applications. The project distinguishes itself through a combination of an SNI proxy for routing encrypted TLS traffic without decryption and a TCP load balancer that distributes incoming requests across multiple backend targets. It also includes a dedicated service console for real-time inspection and debugging of forwarded
This project provides a remote development extension pack and infrastructure for bootstrapping isolated toolchains and runtimes. It enables a system for opening folders and executing code across SSH hosts, Docker containers, and the Windows Subsystem for Linux. The system utilizes a client-server split architecture to separate the user interface from the extension host and language servers. It features a secure connection layer for SSH remote editing, a bridge for WSL integration, and a remote port forwarding tool to tunnel network traffic from remote environments to a local machine. The pro
phpseclib is a pure-PHP cryptographic library that provides a comprehensive suite of cryptographic operations entirely without requiring compiled C extensions. At its core, it implements arbitrary-precision integer arithmetic for big-number math, ASN.1 DER encoding and decoding for working with cryptographic data structures, and a full set of pure-PHP cryptographic primitives. The library is designed to operate on PHP 5.6 and above, automatically detecting and using native extensions like GMP or BCMath when available, but falling back to its own pure-PHP implementations when they are not. The
Microsandbox is a runtime for creating and managing lightweight, hardware-isolated virtual machines — called sandboxes — that boot directly from standard OCI container images. Each sandbox runs as its own host process with a separate kernel, filesystem, and network stack, providing process-per-sandbox isolation. The project includes a command-line tool and multi-language SDKs (Rust, TypeScript, Python, Go) for programmatic lifecycle control, and it communicates with sandbox agents over Unix sockets using a CBOR-encoded protocol. What distinguishes Microsandbox is its combination of host-manag
Paramiko is a pure-Python implementation of the SSH2 protocol, providing a library for making secure network connections and executing remote commands. It serves as a programmatic interface for establishing encrypted communication tunnels and managing remote sessions. The project includes a full SSH server framework, allowing applications to host a secure shell server and define server-side access configurations directly within Python. It also provides a dedicated SFTP client library for secure file transfers and remote filesystem management. The library covers remote infrastructure automati
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
pysheeet is a technical reference library providing a curated collection of code snippets and implementation patterns for advanced Python development, system integration, and high-performance computing. It serves as a comprehensive guide for implementing low-level network programming, native C extensions, and asynchronous and concurrent programming. The project provides specialized frameworks for the development and deployment of large language models, including tools for distributed GPU inference and high-performance serving. It also includes detailed patterns for high-performance computing
Wish is a Go library for building SSH servers, providing a middleware-based framework that handles core SSH functionality including public-key and certificate authentication, session management, and secure file transfers via SCP and SFTP. It is designed to serve as the foundation for custom SSH applications, with built-in support for hosting Git repositories over SSH and serving interactive terminal applications. What distinguishes Wish from a basic SSH server library is its composable middleware pattern, which allows developers to layer authentication, logging, and custom session handling. I
TermSCP is a multi-protocol terminal user interface file manager used for browsing and transferring files across SCP, SFTP, FTP, S3, and WebDAV. It functions as a secure remote connection manager and an SSH file transfer client, providing a keyboard-driven environment for remote server administration. The project features a dual-pane filesystem explorer with synchronized navigation to keep local and remote views in lockstep. It integrates an embedded terminal shell for executing local and remote commands without leaving the interface and employs a remote-file edit proxy to allow modifications
Nexterm is a centralized management platform for remote server administration, providing a web-based gateway for SSH, VNC, and RDP connections. It serves as a unified interface for managing remote server connectivity, secure access control, and server resource monitoring. The platform integrates a Docker container orchestrator and a virtualization management console to control LXC and QEMU containers. It features an identity gateway that supports OpenID Connect single sign-on and two-factor authentication, alongside an SFTP file manager for remote file transfer and organization. The system i
sshcode is a tool for deploying remote IDEs that installs and runs a VS Code editor on a remote server over SSH for browser-based access. It functions as an SSH remote IDE deployer and tunneling proxy, routing the remote editor instance to a local browser port via secure shell encrypted tunnels. The system synchronizes local editor settings and extensions to a remote server to ensure consistent development environments. This includes backing up and transferring user configurations between local machines and remote filesystems. The project manages the full lifecycle of remote development, inc
This is a GitHub Action that executes shell commands on remote servers over SSH as part of a CI/CD pipeline. It supports authentication using passwords, private keys, or private keys with passphrases, and can verify the SHA256 fingerprint of the remote host's public key before connecting to prevent man-in-the-middle attacks. The action can connect to multiple remote hosts in a single workflow step, optionally executing commands synchronously across all of them. It also supports routing SSH connections through an intermediate jump host to reach target servers in restricted networks. Environmen
Positron is a data science integrated development environment and AI-powered code editor designed for polyglot development, specifically supporting Python and R. It functions as a remote compute workspace that separates the user interface from the execution kernel via SSH or container integration. The environment features a deep integration of large language models that provide context-aware suggestions and automated data analysis by accessing real-time interpreter state, in-memory objects, and plot outputs. It distinguishes itself through a polyglot runtime bridge that enables cross-language
Mutagen is a cross-platform file synchronization engine and development environment orchestrator. It provides real-time bidirectional file synchronization between local machines, remote servers, and Docker containers, often utilizing SSH for transport. The tool functions as a high-performance alternative to Docker bind mounts by mirroring files between a local host and a running container. It also operates as a network port forwarding utility, routing TCP traffic and Unix domain sockets between local and remote environments via SSH. Its capability surface includes filesystem event monitoring
Netmiko is a Python library and multi-vendor network automation toolkit that provides a unified interface for managing diverse network hardware. It functions as an SSH CLI connection wrapper, simplifying the process of establishing secure sessions and automating interactions with network devices. The project abstracts vendor-specific connection logic and command syntax through a driver-based system, allowing for consistent automation across different hardware brands. It includes capabilities for device type auto-detection and supports custom vendor extensions to ensure compatibility with unsu
Axiom is a cloud infrastructure orchestrator and distributed security scanning framework. It serves as a manager for deploying, snapshotting, and destroying disposable virtual machine fleets across multiple cloud providers and regions. The project distinguishes itself by automating the provisioning of vulnerability toolsets and security auditing software across these remote servers. It features a mechanism for distributing security scans by sharding target lists across a fleet of instances and aggregating the resulting data into unified files and HTML reports. The system covers a broad range
This project provides secure, containerized infrastructure designed for autonomous agents, remote code execution, and cloud development. It functions as a sandboxed environment where AI agents and external processes can execute code, run shell commands, and manage files while remaining isolated from the host system. The system distinguishes itself by implementing the Model Context Protocol, allowing it to act as a standardized tool server that exposes browser and filesystem capabilities to compatible clients. It further integrates headless browser automation, enabling programmatic web navigat
lazyssh is a keyboard-driven SSH connection manager and server browser designed for remote host administration. It provides a centralized interface to organize, filter, and launch secure shell sessions to multiple remote servers. The tool features a fuzzy-search server browser that allows for rapid location of hosts by alias, IP address, or tags. It includes an integrated configuration editor for managing host entries and a session orchestrator that handles proxy jumps, port forwarding, and identity file assignments. The system further automates connectivity through automatic identity file d
This project is an Android RPA framework designed for automating user interfaces and system tasks on rooted Android devices using Python and ADB. It provides a suite of tools for rooted device management, allowing for programmatic control of system settings, application lifecycles, and shell command execution via a remote API. The framework distinguishes itself through a combination of dynamic instrumentation and AI integration. It can inject scripts into running processes to hook Java interfaces and modifies application behavior in real time. Additionally, it supports large language model in
ssh3 is a secure shell implementation that uses HTTP/3 and the QUIC protocol as its transport layer to reduce handshake latency and improve connection stability. It provides a remote terminal environment where server identities are verified using standard HTTPS X.509 certificates instead of traditional host keys. The project integrates modern identity verification through OpenID Connect and OAuth 2.0, allowing user authentication via external identity providers. To prevent discovery by public scanners, it includes a server obfuscation feature that requires a secret URL path for client request
This is an open-source educational website that translates and localizes MIT's Missing Semester course, teaching practical computing skills for computer science students. The curriculum covers developer tooling, shell scripting, version control, security fundamentals, and open-source collaboration, with a focus on core computing skills including data processing pipelines, workflow automation, secure remote access, shell productivity, Vim editing, and Git version control. The project distinguishes itself by teaching command-line mastery, shell scripting, and automation to boost daily developer
KCP is a low-latency transport protocol and reliability layer designed to provide TCP-like guaranteed delivery and ordering over UDP. It implements an automatic repeat request protocol to minimize network jitter and delays, prioritizing timeliness over bandwidth efficiency. The project distinguishes itself through a pluggable congestion controller and flow control logic, allowing the transport layer to be tuned for specific network environments. It includes a NAT keep-alive system that uses periodic heartbeat packets to maintain active communication paths and prevent address translation timeo
Reticulum is a decentralized networking stack that enables encrypted, peer-to-peer communication over diverse physical mediums without relying on central infrastructure or IP protocols. It uses self-sovereign cryptographic identities for routing and authentication, replacing traditional IP addresses with collision-free globally unique addresses that require no central coordination. Every packet is encrypted by default using ephemeral key exchanges with forward secrecy, and unencrypted traffic is dropped as invalid. The stack unifies heterogeneous transport mediums—including LoRa radio, packet
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Twisted is an event-driven networking engine for Python that provides a framework for building asynchronous network applications. At its core, it uses a reactor-based event loop to drive all input and output, dispatching callbacks in a single thread without blocking. The library implements a deferred promise chain for composing asynchronous logic, along with a protocol and factory pattern that separates connection state management from protocol handling, enabling reusable handlers for different network protocols. The framework supports multiple event loops across platforms, including select,
dnscat2 is a DNS tunneling tool and covert command and control server that encapsulates encrypted traffic within DNS queries and responses. It functions as an encrypted DNS proxy designed to bypass network firewalls and establish communication paths when standard outbound ports are blocked. The project enables the creation of covert network channels by acting as an authoritative nameserver. It supports remote command execution through interactive shells and provides a mechanism for tunneling TCP network traffic to reach restricted remote hosts. The system includes capabilities for multiplexe
libp2p is a modular peer-to-peer networking stack designed for building decentralized applications. It provides the core infrastructure necessary for nodes to discover and connect with other participants across a network without relying on central servers. The project distinguishes itself through a flexible transport layer that abstracts multiple protocols, including TCP, QUIC, WebSockets, and WebTransport, into a single interface. It features specialized tools for NAT and firewall traversal, such as hole punching and relay nodes, to establish direct connections between peers and web browsers
This repository contains the comprehensive documentation for a code editor focused on AI-assisted software development and remote development workflows. It covers the implementation of AI agents and language models used for autonomous code generation, large-scale refactoring, and task iteration. The project is distinguished by its deep integration of autonomous AI agents capable of web navigation, application logic validation, and orchestrating multi-step development processes. It provides specialized frameworks for tailoring AI behavior through custom instructions, model context protocols, a