gliderlabs/sshfront gliderlabs/sshfront

  • Stars
    star
    289
  • Rank 138,640 (Top 3 %)
  • Language
    Go
  • License
    MIT License
  • Created almost 10 years ago
  • Updated 5 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
gliderlabs/sshfront
github

gliderlabs

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Programmable SSH frontend

sshfront

CircleCI IRC Channel

A lightweight SSH server frontend where authentication and connections are controlled with command handlers / shell scripts.

Using sshfront

Usage: ./sshfront [options] <handler>

  -a="": authentication hook. empty=allow all
  -d=false: debug mode
  -e=false: pass environment to handler
  -h="0.0.0.0": ip to listen on
  -k="~/.ssh/id_rsa": private host key path
  -p="22": port to listen on

handler $command...

  • $command... command line arguments specified to run by the SSH client

The handler is a command that's used to handle all SSH connections. Output, stderr, and the exit code is returned to the client. If the client provides stdin, that's passed to the handler.

If the authentication hook was specified, any output is parsed as environment variables and added to the handler environment. $USER is always the SSH user used to connect and $SSH_ORIGINAL_COMMAND is the command specified from the client if not interactive.

auth-hook $user $key

  • $user argument is the name of the user being used to attempt the connection
  • $key argument is the public key data being provided for authentication

The auth hook is a command used for authenticating incoming SSH connections. If it returns with exit status 0, the connection will be allowed, otherwise it will be denied. The output of auth hook must be empty, or key-value pairs in the form KEY=value separated by newlines, which will be added to the environment of connection handler.

The auth hook is optional, but if not specified then all connections are allowed. It is a good idea to always specify an auth hook.

Examples

Many of these bypass authentication and may allow remote execution, do not run this in production.

Echo server:

server$ sshfront $(which echo)
client$ ssh $SERVER "hello world"
hello world

Echo host's environment to clients:

server$ sshfront -e $(env)
client$ ssh $SERVER
USER=root
HOME=/root
LANG=en_US.UTF-8
...

Bash server:

server$ sshfront $(which bash)
client$ ssh $SERVER
bash-4.3$ echo "this is a bash instance running on the server"
this is a bash instance running on the server

Sponsors

This project was made possible thanks to Deis and DigitalOcean.

License

MIT

More Repositories

1

docker-alpine

Alpine Linux Docker image. Win at minimalism!
Shell
5,692
star
2

registrator

Service registry bridge for Docker with pluggable adapters
Go
4,655
star
3

logspout

Log routing for Docker container logs
Go
4,609
star
4

ssh

Easy SSH servers in Golang
Go
3,470
star
5

herokuish

Utility for emulating Heroku build and runtime tasks in containers
Shell
1,415
star
6

docker-consul

Dockerized Consul
Shell
1,071
star
7

connectable

Magic proxy for internal services
Go
463
star
8

sigil

Standalone string interpolator and template processor
Go
405
star
9

resolvable

Host-level DNS gateway for Docker
Go
313
star
10

com

Library for structuring Golang applications into components
Go
90
star
11

hostlocal

Host-level localhost for containers
69
star
12

hostctl

Opinionated CLI utility for easily provisioning cloud VMs
Go
35
star
13

stdcom

Re-usable Go components and micro-frameworks
Go
33
star
14

glidergun

Shell
31
star
15

cmd

Go
29
star
16

cellstack

DEPRECATED
Shell
23
star
17

pagebuilder

HTML
16
star
18

slack

JavaScript
15
star
19

comlab

Glider Labs app framework and development utility
Go
15
star
20

python-runtime

DEPRECATED
Shell
13
star
21

dockerbox

Container that runs a Docker daemon configured for running user code.
Go
13
star
22

infra.gl

DEPRECATED
HCL
12
star
23

kube-certdaemon

Simple daemon to fetch and refresh Let's Encrypt certs stored in k8s secrets
Go
7
star
24

glu

Glider Labs Utility, DEPRECATED
Go
7
star
25

gliderlabs.github.io

JavaScript
4
star
26

glidergun-rack

Shell
4
star
27

exp

Experimental projects and PoCs
Go
2
star
28

pkg

Go
2
star
29

ci

CI environment for Glider Labs projects
1
star
30

bigtoy

Glider Labs Semantic UI theme
1
star
31

gliderlabs.io

JavaScript
1
star
32

dns

HCL
1
star