dokku/sshcommand dokku/sshcommand

  • Stars
    star
    361
  • Rank 117,957 (Top 3 %)
  • Language
    Shell
  • License
    MIT License
  • Created over 11 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
dokku/sshcommand
github

dokku

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Turn SSH into a thin client specifically for your app

sshcommand

Build Status

Simplifies running a single command over SSH, and manages authorized keys (ACL) and users in order to do so.

It basically simplifies running:

ssh user@server 'ls -l <your-args>'

into:

ssh ls@server <your-args>

Commands

sshcommand create                    <USER> <COMMAND>                # Creates a local system user and installs sshcommand skeleton
sshcommand acl-add                   <USER> <NAME> <KEY_FILE>        # Adds named SSH key to user from STDIN or argument
sshcommand acl-remove                <USER> <NAME>                   # Removes SSH key by name
sshcommand acl-remove-by-fingerprint <USER> <FINGERPRINT>            # Removes SSH key by fingerprint
sshcommand list                      <USER> [<NAME>] [<OUTPUT_TYPE>] # Lists SSH keys by user, an optional name and a optional output format (JSON)
sshcommand help                      <COMMAND>                       # Shows help information
sshcommand version                                                   # Shows version

Example

On a server, create a new command user:

sshcommand create cmd /path/to/command

On your computer, add authorized keys with your key:

cat ~/.ssh/id_rsa.pub | ssh root@server sshcommand acl-add cmd progrium

If the public key is already on the server, you may also specify it as an argument:

ssh root@server sshcommand acl-add cmd progrium ~/.ssh/id_rsa.pub

By default, key names and fingerprints must be unique. Both of these checks can be disabled by setting the following environment variables to false:

export SSHCOMMAND_CHECK_DUPLICATE_FINGERPRINT="false"
export SSHCOMMAND_CHECK_DUPLICATE_NAME="false"

Now anywhere with the private key you can easily run:

ssh cmd@server

Anything you pass as the command string will be appended to the command. You can use this to pass arguments or if your command takes subcommands, expose those subcommands easily.

/path/to/command subcommand

Can be run remotely with:

ssh cmd@server subcommand

When adding an authorized key, you can also specify custom options for AUTHORIZED_KEYS by specifying the SSHCOMMAND_ALLOWED_KEYS environment variable. This should be a list of comma-separated options. The default keys are as follows:

no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding

This can be useful for cases where the ssh server does not allow certain options or you wish to further constrain a user's environment. Please see man sshd for more information.

More Repositories

1

dokku

A docker-powered PaaS that helps you build and manage the lifecycle of applications
Shell
24,965
star
2

dokku-letsencrypt

Automatic Let's Encrypt TLS Certificate installation for dokku
Shell
1,048
star
3

dokku-postgres

a postgres plugin for dokku
Shell
444
star
4

dokku-redis

a redis plugin for dokku
Shell
240
star
5

dokku-mongo

a mongo plugin for dokku
Shell
171
star
6

ansible-dokku

Ansible modules for installing and configuring Dokku
Python
142
star
7

dokku-scheduler-kubernetes

Scheduler plugin for deploying applications to kubernetes
Shell
134
star
8

github-action

Shell
130
star
9

dokku-maintenance

dokku plugin that gives the ability to manage application maintenance mode
Shell
106
star
10

heroku-buildpack-nginx

Buildpack for static websites on Dokku (nginx)
Shell
103
star
11

dokku-redirect

A plugin for dokku that gives the ability to set simple redirects for an application
Shell
98
star
12

dokku-mysql

a mysql plugin for dokku
Shell
92
star
13

dokku-elasticsearch

an elasticsearch plugin for dokku
Shell
88
star
14

dokku-http-auth

dokku plugin that gives the ability to manage HTTP basic auth for an application
Shell
78
star
15

plugn

Hook system that lets users extend your application with plugins
Shell
75
star
16

dokku-mariadb

a mariadb plugin for dokku
Shell
65
star
17

dokku-api

Unmaintained: HTTP API on top of Dokku Daemon
Ruby
59
star
18

dokku-graphite

a graphite, grafana, statsd, carbon plugin for dokku
Shell
55
star
19

dokku-rabbitmq

a rabbitmq plugin for dokku
Shell
45
star
20

dokku-rethinkdb

a rethinkdb plugin for dokku
Shell
42
star
21

dokku-scheduler-nomad

Scheduler plugin for deploying applications to nomad
Shell
32
star
22

dokku-daemon

A daemon wrapper around dokku
Shell
31
star
23

ci-docker-image

A Docker Image meant for use with CI/CD pipelines
Shell
27
star
24

dokku-memcached

a memcached plugin for dokku
Shell
25
star
25

dokku-couchdb

a couchdb plugin for dokku
Shell
25
star
26

gitlab-ci

A collection of gitlab-ci examples
Shell
24
star
27

docker-wait

Shell
23
star
28

dokku-nats

a nats plugin for dokku
Shell
23
star
29

dokku-meilisearch

a meillisearch plugin for dokku
Shell
22
star
30

dokku-clickhouse

a clickhouse plugin for dokku
Shell
18
star
31

dokku-copy-files-to-image

copies files from the host onto the container
Makefile
14
star
32

dokku-update

Shell
12
star
33

dokku-solr

a solr plugin for dokku
Shell
11
star
34

dokku-event-listener

Service that listens to docker events and runs dokku commands
Makefile
10
star
35

lambda-builder

A tool for building lambda function images or zips via Docker
Go
10
star
36

dokku-registry

Deprecated in favor of the official Registry plugin introduced in 0.25.x
Shell
9
star
37

compose-transpiler

Simple docker-compose.yml to dokku commands web utility
Vue
7
star
38

docker-grafana-graphite

Docker image with StatsD, Graphite, Grafana 6
JavaScript
6
star
39

docker-letsencrypt

Docker container for the "simp_le" Let's encrypt implementation running on Alpine Linux
Dockerfile
6
star
40

docker-ambassador

A maintained version of the ambassador linking pattern
Shell
6
star
41

procfile-util

A tool for interacting with Procfiles
Go
5
star
42

omakase

Go
5
star
43

dokku-pushpin

a pushpin plugin for dokku
Shell
5
star
44

docker-image-labeler

Adds and removes labels from docker images
Makefile
5
star
45

netrc

Utility that allows users to manage netrc files
Makefile
5
star
46

dokku-arch

Shell
5
star
47

docker-container-healthchecker

Runs healthchecks against local docker containers
Go
5
star
48

dokku-typesense

a typesense plugin for dokku
Shell
5
star
49

service-proxy

An app that can be used to proxy to a datastore service's web ui
Shell
3
star
50

dokku.github.io

A blog for dokku
SCSS
3
star
51

dokku-orb

Python
3
star
52

docker-run-export

exports the flags passed to a `docker run` call to a variety of formats
Go
2
star
53

websocket-example

Go
2
star
54

.github

Organization Repository
Shell
2
star
55

smoke-test-app

Smoke test app for dokku test suite
Python
2
star
56

dokku-cron-restart

Shell
2
star
57

dokku-omnisci

an omnisci plugin for dokku
Shell
2
star
58

heroku-buildpack-null

A buildpack that performs no actions, for testing purposes
Shell
1
star
59

docker-image-updater

A tool to manually or automatically manage updated docker images
1
star
60

smoke-test-plugin

Smoke test plugin for dokku test suite
Go
1
star
61

github-playground

a playground to test github functionality
1
star
62

smoke-test-gradle-app

Java
1
star
63

tutorials

An mkdocs-based tutorial site
Shell
1
star
64

arch-herokuish

Mirror of AUR git repo for https://github.com/gliderlabs/herokuish
Shell
1
star
65

prop

A golang-based cli interface for manipulating config backed by various datastores
Go
1
star
66

test-app-5065

Python
1
star
67

docs

Docs site in generated html form
HTML
1
star
68

dokku-ansible

an ansible plugin for dokku
Shell
1
star