Awesome SSH – Massive Collection of Resources

Table of Contents

• Apps
  • .ssh/config
  • Tools using the SSH protocol
  • Servers
  • Network
  • Multiplexers
  • SSH Keys / Authentication
  • SSH agent
  • Tools
  • Automation
  • Web
  • Testing / Honeypots
  • Alternatives to SSH
• Libraries
• Resources
  • Tutorials
  • Security
  • Documentation
  • Community

Apps

.ssh/config

• assh – Transparent wrapper (ProxyCommand) that adds regex, aliases, gateways, includes, dynamic hostnames to SSH and ssh-config. Previously: advanced-ssh-config
• storm – Manage your SSH like a boss.
• ansible-ssh-config – Letting Ansible manage ssh_config.
• ec2ssh – A ssh_config manager for AWS EC2.
• ssh-config – A tool to help manage your .ssh/config file.

Tools using the SSH protocol

• scp – Secure remote file copy utility over SSH.
• rsync – Fast incremental transfer utility that supports SSH.
• sftp – File transfer protocol over SSH.
• curl – Command line tool and library to transfer data (support sftp).

Servers

• sshportal – simple, fun, and transparent SSH (& Telnet) Bastion Server
• ssh2docker – SSH server to Docker containers.
• ssh-proxy – Dockerized SSH bastion to proxy SSH connections to arbitrary containers.
• whosthere – A SSH server that knows who you are. $ ssh whoami.filippo.io.
• sshfront – Programmable SSH frontend.
• ssh-chat – Chat over SSH.
• sshcommand – Turn SSH into a thin client specifically for your app.
• sshmuxd – sshmux frontend.
• x84 – A python telnet/ssh server for modern UTF-8 and classic cp437 network virtual terminals. In spirit of classic software such as ami/x, teleguard, renegade, iniquity.
• teleport – Modern SSH server for clusters and teams.
• ShellHub – A SSH gateway for remotely accessing any Linux device behind firewall and NAT.

Network

• Mosh – The mobile shell.
• sshfs – Filesystem client based on the SSH File Transfer Protocol.
• ngrok – Introspected tunnels to localhost.
• localtunnel – Expose localhost servers to the Internet.
• sshuttle – Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling.
• sshttp – SSH/HTTP(S) multiplexer. Run a webserver and a sshd on the same port w/o changes.
• switcher – Run SSH and HTTP(S) on the same port.
• sslh – Applicative Protocol Multiplexer (i.e: SSH + HTTPS).
• tund – SSH reverse tunnel daemon.
• autossh – Automatically respawn SSH session after network interruption.
• wssh – SSH to WebSockets Bridge.
• docker-volume-sshfs – sshfs docker volume plugin.
• quicssh – QUIC proxy for SSH
• sshpiper – The missing reverse proxy for ssh scp.
• sshhub – Web Service: access your SSH servers behind firewalls (ssh-teamviewer).

Multiplexers

• tmux – Terminal multiplexer.
• clusterssh – Cluster admin via SSH.
• tmux-cssh – tmux with a ClusterSSH-like behavior.
• tm – tmux manager / helper.
• i2cssh – csshX like SSH tool for iTerm2.
• ClusterSSH – Controls a number of xterm windows via a single graphical console.

SSH keys / Authentication

• authy-ssh – Easy two-factor authentication for SSH servers.
• github-auth – SSH key management for GitHub users.
• cipherhub – Encrypt messages based on SSH public keys with easy import from GitHub.
• Slack notifications (archived version) – Guide to setup Slack notifications (can be modified for other services).
• totp-ssh-fluxer – A way to make sure your sshd port changes every 30 seconds.
• github-keygen – Easy creation of secure SSH configuration for your GitHub account(s).
• kr – Kr agent that route access request to the paired mobile phone where Kryptonite is installed.
• ServerAuth – Automatically sync SSH access across servers

SSH agent

• ssh-ident – Different agents and different keys for different projects, with ssh.
• oh-my-zsh/plugins/ssh-agent – ssh-agent plugin for zsh.
• sshecret – Automatically create and manage multiple agents for multiple keys.

Tools

• xxh – Bring your favorite shell wherever you go through the ssh.
• sshrc – Bring your .bashrc, .vimrc, etc. with you when you ssh.
• kyrat – SSH wrapper script that brings your dotfiles always with you on Linux and OSX.
• ssh-vault – encrypt/decrypt files using ssh keys
• ssh-ping – check if host is reachable using ssh_config
• SSHPry v2 – Spy & Control os SSH Connected client’s TTY
• redial – Terminal Based SSH Session Manager for Unix Systems

Automation

• Ansible – App deployment, configuration management and orchestration over SSH.
• rtop – Interactive, remote system monitoring tool based on SSH.
• DSH – Dancer’s shell / distributed shell – Wrapper for executing multiple remote shell commands from one command line.
• parallel-ssh – Provides parallel versions of OpenSSH and related tools.
• SSH Power Tool – Execute commands and upload files to many servers simultaneously without using pre-shared keys.

Web

• Secure Shell chrome extension
• GateOne – HTML5-powered terminal emulator and SSH client.
• KeyBox – Web-based SSH console that centrally manages administrative access to systems.
• Apache Guacamole – Apache Guacamole is a HTML5 based clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
• SSHmon – Real-time GUI to monitor SSH connections and establish port forwardings.

Testing / Honeypots

• ssh-hammer – SSH load testing tool.
• kippo – SSH Honeypot.
• cowrie – SSH Honeypot (based on kippo).
• sshmitm – SSH monkey-in-the-middle.
• ssh-audit – A tool for SSH server auditing.
• sshesame – A fake SSH server that lets everyone in and logs their activity.

Alternatives to SSH

• GoTTY – Share your terminal as web application.
• telnet – An unencrypted network protocol and an application used to connect to remote computers and issue commands.
• ttyd – Share your terminal over the web.
• rsh – An unencrypted network protocol and application used to connect to remote computers and issue commands.

Libraries

• C/C++
  • libssh – The SSH library.
• Golang
  • crypto/ssh – Built-in SSH client and server library.
  • sftp – SFTP support for the go.crypto/ssh package.
  • go-sshkit – Toolkit for building SSH servers and clients in Go.
  • Socker – Library for Go to simplify the use of SSH.
  • go-sshkeys – Golang SSH Keys manipulation library
• Java
  • jsch – Pure java, BSD licensed, SSH2 client library.
• Javascript/Node.js
  • ssh2 – SSH2 client and server modules written in pure JavaScript for node.js.
• Python
  • paramiko – Native Python SSHv2 protocol library.
• Ruby
  • net-ssh – Pure Ruby implementation of an SSH (protocol 2) client.

Resources

Tutorials

• How to use SSH to Connect to a Remote Server
• Best practices
• Granting Temporary Access to Your Servers (Using Signed SSH Keys)
• How to SSH login without a password
• Gist: SSH Recipes – Collection of recipes for writing awesome ssh config files.

Security

• 01/14/2016 – Integer Overflow CVE 2016 077[7-8].
• Security/Guidelines/OpenSSH – MozillaWiki – sshd\_config for 6.7+, 5.3.
• Applied-Crypto-Hardening – sshd\_config for 6.X

Documentation

• man page
• Specifications (OpenSSH)
• Wikipedia article

Community

• StackOverflow
• ServerFault