27 repository-uri
Methods for authorizing SSH sessions using network-level identity.
Distinguishing note: Focuses on the authentication mechanism for SSH.
Explore 27 awesome GitHub repositories matching security & cryptography · SSH Authentication. Refine with filters or upvote what's useful.
Acest proiect este un director curatoriat de comunitate cu software open-source conceput pentru implementarea în medii de server private și laboratoare de acasă (home labs). Servește drept resursă cuprinzătoare pentru descoperirea alternativelor independente, auto-găzduite, la serviciile cloud mainstream, permițând utilizatorilor să mențină proprietatea deplină a datelor și controlul asupra infrastructurii lor digitale. Directorul este structurat printr-o taxonomie ierarhică ce organizează o colecție vastă de aplicații în categorii logice, variind de la gestionarea media și analiza datelor la comunicare privată și instrumente de productivitate în echipă. Se distinge printr-un proces colaborativ de peer-review, unde membrii comunității validează calitatea și relevanța fiecărei trimiteri pentru a se asigura că directorul rămâne precis și fiabil. Proiectul acoperă o suprafață largă de capabilități, inclusiv automatizarea infrastructurii, implementarea serviciilor bazate pe containere și gestionarea configurației declarative. Aceste instrumente ajută utilizatorii să mențină medii de server reproductibile și să gestioneze dependențele complexe ale serviciilor pe hardware privat. Directorul este menținut ca un repository controlat prin versiuni, asigurându-se că toate actualizările și modificările conduse de comunitate sunt urmărite și transparente.
Configures custom authentication methods and execution environments for SSH sessions.
Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules. What distinguishes Tailscale is it
Authorizes SSH connections using network node keys and access policies.
Cargo is the official build system and package manager for the Rust programming language. It provides a unified command-line interface that orchestrates the entire development lifecycle, including compiling source code, managing complex dependency graphs, running tests, and distributing packages through a centralized registry. By utilizing declarative manifest files, it ensures that builds remain reproducible and consistent across different environments. The tool distinguishes itself through its deep integration with the Rust compiler and its sophisticated approach to project management. It f
Uses system SSH agents to manage keys and verify host identities for secure communication with remote version control servers.
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f
Authenticates into remote SSH servers using parallelized password or keyboard-interactive methods.
GitBucket is a self-hosted Git platform and version control hosting service that provides a web interface for managing repositories, issues, and pull requests. Built with a Scala-based manager, it functions as a GitHub API compatible server, allowing it to integrate with external tools that rely on that specific industry schema. The platform distinguishes itself by integrating a Maven repository host for storing and retrieving Java build artifacts alongside source code. It also features a plugin architecture that enables the addition of custom logic and new functionality to the core system.
Secures repository access and verifies user identities using SSH public key cryptography during push and pull operations.
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
Issues certificates that identify hosts to validate authenticity and replace static host keys.
This is an open-source educational website that translates and localizes MIT's Missing Semester course, teaching practical computing skills for computer science students. The curriculum covers developer tooling, shell scripting, version control, security fundamentals, and open-source collaboration, with a focus on core computing skills including data processing pipelines, workflow automation, secure remote access, shell productivity, Vim editing, and Git version control. The project distinguishes itself by teaching command-line mastery, shell scripting, and automation to boost daily developer
Teaches SSH key pair authentication using a challenge-response protocol.
Soft Serve is a self-hosted Git server that authenticates users via SSH public keys and provides a terminal-based user interface for browsing repositories, files, and commits. It stores repository data and configuration in either SQLite or PostgreSQL, and supports role-based access control with four permission levels for managing repository visibility and write access. The server can be deployed via Docker or managed as a systemd service, and supports webhook notifications for push, collaborator, and branch or tag events to integrate with external automation workflows. It also enables server-
Authenticates users via SSH public keys for secure server access.
This repository contains the comprehensive documentation for a code editor focused on AI-assisted software development and remote development workflows. It covers the implementation of AI agents and language models used for autonomous code generation, large-scale refactoring, and task iteration. The project is distinguished by its deep integration of autonomous AI agents capable of web navigation, application logic validation, and orchestrating multi-step development processes. It provides specialized frameworks for tailoring AI behavior through custom instructions, model context protocols, a
Manages SSH session authorization including multi-factor authentication and session multiplexing.
Warpgate is an SSH bastion host that authenticates users and proxies connections to internal servers while recording all session activity. It is distributed as a single standalone binary with no runtime dependencies, stores configuration and session data in a local SQLite database by default, and supports role-based access control to determine which users can reach which targets. The bastion verifies identity through a configurable chain of authentication methods including passwords, one-time codes, single sign-on, and time-limited ticket tokens. It captures and stores SSH session activity as
Verifies identity through a configurable chain of passwords, OTP, SSO, and ticket tokens.
ProxySU is a Windows desktop application that automates the deployment and management of proxy services on a Linux VPS. It combines single-click installation of multiple proxy protocols, including V2ray, Xray, Trojan, and Shadowsocks, with automatic SSL/TLS certificate provisioning and renewal through Let's Encrypt. The tool distinguishes itself by handling the full lifecycle of proxy server setup from a Windows environment, using SSH key-based authentication for secure, passwordless remote access. It also includes network optimization capabilities, such as activating the BBR TCP congestion c
Authenticates to remote servers using RSA, DSA, ECDSA, or Ed25519 private keys in PEM or OpenSSH format.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Configures SSH authentication methods including passwords, certificates, and root login settings.
The Missing Semester is a free, open-source educational curriculum designed to bridge the gap between theoretical computer science and the practical tooling every software engineer needs. Organized as a structured course, it covers Unix shell mastery, version control with Git, software debugging and profiling, system administration fundamentals, and computer security practices — the skills often left out of traditional degree programs. The project is maintained as a collaborative set of lecture notes, exercises, and guides that function as both a professional development tools course and a Uni
The Missing Semester teaches logging into remote servers by proving possession of a private key through challenge-response.
LoopBack Next este un framework API Node.js utilizat pentru construirea de API-uri REST și multi-protocol. Funcționează ca o implementare de server OpenAPI care poate fie să genereze specificații lizibile de către mașină din cod, fie să producă controllere și modele de implementare din specificații existente. Framework-ul se remarcă printr-un container central de injecție a dependențelor și un strat de acces la date bazat pe modelul repository. Această arhitectură decuplează logica aplicației de construcția componentelor și stocarea persistentă, permițând un sistem pluggable unde sursele de date și logica de business sunt izolate printr-un sistem standardizat de conectori. Proiectul acoperă o gamă largă de capabilități, inclusiv controlul accesului bazat pe roluri cu strategii de autentificare pluggable și orchestrarea serviciilor externe REST și SOAP. De asemenea, oferă instrumente pentru comunicarea în timp real prin endpoint-uri WebSocket, validarea schemelor JSON și scaffolding-ul automatizat al proiectelor printr-o interfață de linie de comandă. Dezvoltarea este susținută de un set de instrumente CLI pentru bootstrapping-ul aplicațiilor, generarea componentelor API și gestionarea dependențelor proiectului.
Registers multiple identity verification methods through a standardized interface to support various login flows.
ssh3 este o implementare secure shell care utilizează HTTP/3 și protocolul QUIC ca strat de transport pentru a reduce latența handshake-ului și a îmbunătăți stabilitatea conexiunii. Oferă un mediu de terminal la distanță unde identitățile serverului sunt verificate folosind certificate HTTPS X.509 standard în loc de chei de host tradiționale. Proiectul integrează verificarea modernă a identității prin OpenID Connect și OAuth 2.0, permițând autentificarea utilizatorului prin furnizori de identitate externi. Pentru a preveni descoperirea de către scanerele publice, include o funcție de obfuscare a serverului care necesită o cale URL secretă pentru cererile clientului. Sistemul suportă tunelarea securizată atât pentru traficul TCP, cât și pentru cel UDP, utilizând fluxuri și datagrame QUIC pentru port forwarding. Aceasta include capabilități pentru proxy jumping securizat prin servere gateway intermediare pentru a menține criptarea end-to-end.
Integrates OpenID Connect and OAuth 2.0 to verify user identities during secure shell sessions.
RStudio is a specialized integrated development environment for the R programming language and statistical computing. It provides a workbench for writing, debugging, and executing R code, offering both a desktop application and a server-hosted collaborative platform for managing data science projects. The platform enables the creation of interactive data applications, AI-powered dashboards, and technical reports. It facilitates the sharing of analysis results through a centralized publishing platform and supports the rendering of notebooks and markdown into multiple file formats. The environ
Integrates external identity providers like LDAP and SAML to manage user access and session authorization.
Wish is a Go library for building SSH servers, providing a middleware-based framework that handles core SSH functionality including public-key and certificate authentication, session management, and secure file transfers via SCP and SFTP. It is designed to serve as the foundation for custom SSH applications, with built-in support for hosting Git repositories over SSH and serving interactive terminal applications. What distinguishes Wish from a basic SSH server library is its composable middleware pattern, which allows developers to layer authentication, logging, and custom session handling. I
Verifying users via public keys, passwords, or signed certificates, and restricting access by session type or authorized keys.
Athens is a Go module proxy server and dependency cache that provides a persistent storage system for Go dependencies. It acts as a mirror and datastore to ensure reproducible build environments by storing immutable copies of external packages, protecting against upstream deletions or outages. The project distinguishes itself by serving as a secure gateway for private Go module hosting, utilizing authentication tokens, SSH keys, and GitHub Apps to retrieve dependencies from private version control systems. It further enables software dependency compliance through request filtering and checksu
Supports the use of SSH private keys or agents to authenticate and clone dependencies.
Sish este un proxy SSH invers și un server de tunelare conceput pentru a expune serviciile locale către internet. Funcționează ca un proxy de tunelare SSH care direcționează traficul HTTP, WebSocket și TCP de la un server la distanță către o mașină locală, permițând crearea de URL-uri publice pentru aplicațiile locale. Proiectul se distinge printr-o combinație de proxy SNI pentru rutarea traficului TLS criptat fără decriptare și un load balancer TCP care distribuie cererile primite către mai multe ținte backend. Include, de asemenea, o consolă de serviciu dedicată pentru inspecția și depanarea în timp real a cererilor redirecționate. Sistemul oferă control complet al accesului și gestionarea securității, incluzând autentificarea prin cheie publică și parolă, filtrarea adreselor IP și alias-uri TCP private pentru a preveni expunerea publică a anumitor servicii. Capabilitățile suplimentare includ rutarea virtual host, maparea numelor de domeniu și furnizarea automatizată de certificate SSL wildcard prin furnizori DNS. Configurarea și gestionarea tunelurilor publice și private sunt realizate printr-o interfață în linie de comandă.
Secures tunnel access using passwords or keys with the ability to reload credentials without restarting.
SSH.NET is a .NET library that implements the SSH-2 protocol for encrypted remote connections and secure file transfers. It provides a complete SSH-2 protocol stack implementation with a channel multiplexing engine that manages multiple concurrent channels over a single connection, supporting simultaneous shell sessions, remote command execution, SFTP transfers, and port forwarding tunnels. The library includes a pluggable authentication pipeline supporting password, public key, certificate, keyboard-interactive, and multi-factor authentication combinations. The library distinguishes itself t
Supports password, public key, and keyboard-interactive authentication, including multi-factor combinations, over SSH.