Awesome
Engity's Bifröst
Bifröst (spoken as "Bee-frest"), is an advanced SSH server. It can be used as a drop-in-replacement for OpenSSH Server, but it was actually created with some more advanced stuff in mind; see below.
TOC
- Use-cases
- Features
- Getting started
- Configuration
- Status
- License
- Code of Conduct
- Contributing
- Security
Features
- SSH protocol compliant
- OpenID Connect
- Docker environments
- Kubernetes environments
- Remember me
- Automatic user provisioning
SSH protocol compliant
Fully SSH protocol compliant server, like you would expect.
OpenID Connect
You can connect via your SSH keys, as usually. And so on...
...but you can also use OpenID Connect (or OAuth2) identity provider. The best thing about this is: In contrast to the other SSH servers with OpenID Connect, you don't need any other client locally installed, than your regular SSH Client (OpenSSH, PuTTy, ...).
Docker environments
You can execute your users into individual Docker containers with custom images, network settings, and much more...
Kubernetes environments
Be directly inside a dedicated Pod inside your Kubernetes cluster and have access to all of its resources without extra port forwarding.
Remember me
If authorized via another authentication token then a Public Key, it can store (temporally) your provided Public Key, for faster reconnect, while the session is still alive.
Automatic user provisioning
If a local environment is used where the user executes inside and OpenID Connect was used to authorize a user, Bifröst can automatically create these users based on a defined requirement template.
It can also automatically clean up these users as they're no longer needed, for example: If their session becoming idle and times out (30 minutes). In this case the user itself, its home directory and all running processes can be cleaned up.
More to come...
What's next?
Read Use-Cases, our Getting starting guide and the configuration documentation to see what else you can do with Bifröst.
Status
This project is currently under development. The application is stable (file a bug if you find one), but the configuration/command/API structure needs improvement.