ssh
User-friendly SSH Connection Manager.
SSH Pilot is a user-friendly, lightweight SSH connection manager with an integrated terminal and SFTP client.
No more memorizing host aliases or complex SSH commands to manage your machines, deploy keys or set up port forwarding.
Related contents:
A terminal-based SSH manager inspired by lazydocker and k9s - Written in go.
Lazyssh is a terminal-based, interactive SSH manager inspired by tools like lazydocker and k9s — but built for managing your fleet of servers directly from your terminal. With lazyssh, you can quickly navigate, connect, manage, and transfer files between your local machine and any server defined in your ~/.ssh/config. No more remembering IP addresses or running long scp commands — just a clean, keyboard-driven UI.
Recall your SSH sessions (also search your SSH config file).
Related contents:
🧑💻 SSH connection manager with a TUI interface.
This application does not modify your existing SSH configuration files. Host settings can be spread across multiple files referenced by Include directives (and between system and user configs), so automatic editing is unreliable.
Related contents:
Bring your .bashrc, .vimrc, etc. with you when you ssh.
sshrc works just like ssh, but it also sources the ~/.sshrc on your local computer after logging in remotely.
Related contents:
Exosphere offers aggregated patch and security update reporting as well as basic system status across multiple Unix-like hosts via SSH.
Exosphere is a CLI and Text UI driven application that offers aggregated patch and security update reporting as well as basic system status across multiple Unix-like hosts over SSH.
It is targeted at small to medium sized networks, and is designed to be simple to deploy and use, requiring no central server, agents and complex dependencies on remote hosts.
Bundle and save your SSH keys with Nix. This flake provides a way to encrypt and bundle your SSH keys and SSH config in a readable format!
Shoji-Nix is a Nix flake designed to manage and securely store your SSH keys. With Shoji-Nix, you can bundle your SSH configuration and .ssh folder into a YAML file which can then be encrypted and saved in your repository.
Cloud-based development using your local tools.
Mutagen provides real-time file synchronization and flexible network forwarding for developers, extending the reach of local development tools to cloud-based containers and infrastructure.
Mutagen is a new kind of remote development tool that enables your existing local tools to work with code in remote environments like cloud servers and containers. It does this by providing high-performance real-time file synchronization and flexible network forwarding. It supports synchronization and forwarding between local systems, SSH-accessible locations, and Docker containers.
An open-source security log auditing & RDP, VNC, SSH and databases management bastion platform.
PHP Secure Communications Library.
Pure-PHP implementations of SSH, SFTP, RSA / DSA / Elliptic Curves, AES / ChaCha20 / etc, X.509
Social Media via SSH.
itter.sh is your escape from the noise. It's a micro-blogging platform accessed entirely via SSH. No web browser. No JavaScript. No endless scroll of algorithmic 'content'. Just you, your trusty terminal, and 180 characters at a time ("eets"). Why? Because terminals are cool. Because less is more. Because sometimes, you just need to type.
The last bastion
Secure access to your internal SSH, HTTPS, MySQL and Postgres servers with SSO and RBAC.
Related contents:
The ultimate ssh powered services for developers.
Our mission is to enable developers with services that help them rapidly prototype on the web. We want to make it easier than ever for developers to share their projects with the world.
A ssl/ssh multiplexer.
Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port).
sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.
Probes for HTTP, TLS/SSL (including SNI and ALPN), SSH, OpenVPN, tinc, XMPP, SOCKS5, are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to SSH from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.
Related contents:
Corkscrew is a tool for tunneling SSH through HTTP proxies, but... you might find another use for it.
Related contents:
Stealth tunneling through HTTP(S) proxies.
This is proxytunnel, a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. I originally wrote this program to be used as an extension to SSH, to be able to SSH to my box at home. In this file, I will describe the use with SSH. If you want to use it with some other application, feel free, and let me know!
Related contents:
opkssh is a tool which enables ssh to be used with OpenID Connect allowing SSH access management via identities like alice@example.com instead of long-lived SSH keys. It does not replace ssh, but rather generates ssh public keys that contain PK Tokens and configures sshd to verify the PK Token in the ssh public key. These PK Tokens contain standard OpenID Connect ID Tokens. This protocol builds on the OpenPubkey which adds user public keys to OpenID Connect without breaking compatibility with existing OpenID Provider.
Related contents:
Termix is an open-source forever free self-hosted server management panel.
Termix is an open-source forever free self-hosted SSH (other protocols planned, see Planned Features) server management panel inspired by Nexterm. Its purpose is to provide an all-in-one docker-hosted web solution to manage your servers in one easy place. I'm using this project to help me learn React, Vite, and Docker but also because I could never settle on a server management software that I enjoyed to use.
Related contents:
Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software.
Run sequential command(s) on a group of SSH servers.
SSH Commander is a powerful, colorful command-line tool for executing commands across multiple SSH servers simultaneously. It supports both password and key-based authentication, custom ports, and can execute both single commands and command files.
Seamless, technology-driven remote access from anywhere, at any time. Take control of your servers and devices from any location while boosting security through our centralized SSH gateway tailored for edge and cloud computing.
SSH tarpit that slowly sends an endless banner.
Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.
Related contents:
🧸 fully isolated honeypot ssh server using thrussh.
A very simple SSH server using thrussh that exposes mocked versions of a bash shell, some commands and SSH subsystems to act as a honeypot for would-be crackers.
All actions undertaken on the connection by the client are recorded in JSON format in an audit log file.
Authentication, authorization, traceability and auditability for SSH accesses.
A so-called bastion is a machine used as a single entry point by operational teams (such as sysadmins, developers, devops, database admins, etc.) to securely connect to other machines of an infrastructure, usually using ssh.
The bastion provides mechanisms for authentication, authorization, traceability and auditability for the whole infrastructure.
Related contents:
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.
Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.
🌱 Web based ssh client.
A simple web application to be used as an ssh client to connect to your ssh servers. It is written in Python, base on tornado, paramiko and xterm.js.
Simple Localhost Tunnels.
Public URLs for Localhost. Without downloading any binary! Create HTTP, TCP, UDP, or TLS tunnels to your Mac/PC. Even if it is sitting behind firewalls and NATs.
Simple way to manage your remote machines and SSH keys.
Bare metal servers are awesome. They let you pick where to run your software and how to deploy it. You get full control to make the most of the server's resources. No limits, no compromises. That's real freedom.
Viking makes it easier to work with them.
sshx lets you share your terminal with anyone by link, on a multiplayer infinite canvas.
It has real-time collaboration, with remote cursors and chat. It's also fast and end-to-end encrypted, with a lightweight server written in Rust.
Related content:
Your entire server infrastructure at your fingertips. Manage all your servers from your local desktop. No remote setup required.
XPipe is a new type of shell connection hub and remote file manager that allows you to access your entire server infrastructure from your local machine. It works on top of your installed command-line programs and does not require any setup on your remote systems. So if you normally use CLI tools like ssh, docker, kubectl, etc. to connect to your servers, you can just use XPipe on top of that.
Open source ngrok alternative. Expose local http, tcp or websocket connections to the public internet.
Open source ngrok alternative designed for teams. Tunnel http, tcp or websocket connections. Portr is a tunnel solution that allows you to expose local http, tcp or websocket connections to the public internet. It utilizes SSH remote port forwarding under the hood to securely tunnel connections.
Portr is primarily designed for small teams looking to expose development servers on a public URL. It is not recommended for use alongside production servers.
Apache MINA SSHD is a 100% pure java library to support the SSH protocols on both the client and server side. It does not aim at being a replacement for the SSH client or SSH server from Unix operating systems, but rather provides support for Java based applications requiring SSH support.
Unexpected Exposures in SSH. SSHamble is a research tool for SSH implementations.
SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests. The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.
🎩 simple, fun and transparent SSH (and telnet) bastion server.
Jump host/Jump server without the jump, a.k.a Transparent SSH bastion.
An open-source PAM tool alternative to CyberArk
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
This tool can lead to password exposure.
Non-interactive ssh password auth download.
Sshpass is a tool for non-interactivly performing password authentication with SSH's so called "interactive keyboard password authentication". Most user should use SSH's more secure public key authentiaction instead.
SSH Honeypot that gathers creds and attempted commands.
SSH Honeypot that gathers attempted creds, IP addresses and versions. The SSH server will either issue a warning, or drop the attacker into a fake shell.
OpenPubkey is an open source project that binds public keys and workload identities using standard SSO and OpenID Connect.
Use OpenPubkey today to SSH to machines on your network without SSH keys.
SSH3: faster and rich secure shell using HTTP/3.
SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. In a nutshell, SSH3 uses QUIC+TLS1.3 for secure channel establishment and the HTTP Authorization mechanisms for user authentication.
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Related contents:
A fast TCP/UDP tunnel over HTTP.
Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network.
Simple, Pythonic remote execution and deployment.
Fabric is a high level Python (2.7, 3.4+) library designed to execute shell commands remotely over SSH, yielding useful Python objects in return. It builds on top of Invoke (subprocess command execution and command-line features) and Paramiko (SSH protocol implementation), extending their APIs to complement one another and provide additional functionality.
Related contents:
Two-Factor Authentication for SSH with PAM Support (pam_duo).
Duo Unix includes a PAM module or alternatively a stand alone executable that can be used to protect programs such as SSH or Sudo.
Duo can be easily added to any Unix system to protect remote (SSH) or local logins with the addition of a simple pam_duo PAM module. It has been tested on Linux (RedHat, Fedora, CentOS, Debian, Ubuntu, Amazon Linux), BSD (FreeBSD, NetBSD, OpenBSD), Solaris, and AIX.
Eternal Terminal (ET) is a remote shell that automatically reconnects without interrupting the session.
Ásbrú Connection Manager is a user interface that helps organizing remote terminal sessions and automating repetitive tasks.
xxh share the local shell configuration with the remote SSH server. It
aims to bring the user shell through ssh without root access and system
installations.
standalone SSH server that connects you to your Docker containers.
ssh2docker is a SSH server that can create new Docker containers and/or
join existing ones, with session, and dynamic configuration support.
It is an alternative to chroot.
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python, in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system.
Terminals is a secure, multi tab terminal services/remote desktop client. RDP, VNC, VMRC, SSH, Telnet, RAS, ICA Citrix, HTTP and HTTPs based protocols are integrated. It uses Terminal Services ActiveX Client (mstscax.dll). The project started from the need of controlling multiple connections simultaneously. It is a complete replacement for the mstsc.exe (Terminal Services) client. This is official source moved from Codeplex.
A professional cross-platform SSH/Sftp/Shell/Telnet/Serial terminal. A Quicker and better SSH/Telnet/Serial/Shell/Sftp client for DevOps.
tunnelmon is an autossh tunnel monitor. It gives a user interface to monitor existing SSH tunnel, and tunnels managed with autossh.
Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
We call it clientless because no plugins or client software are required. Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes.
The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers. Current development of haveged is directed towards improving overall reliablity and adaptability while minimizing the barriers to using haveged for other tasks.
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes.