Courses & TutorialsOperating SystemProgramming
Awesome SSH – Massive Collection of Resources
Table of Contents
Apps
.ssh/config
assh
– Transparent wrapper (ProxyCommand) that adds regex, aliases, gateways, includes, dynamic hostnames to SSH and
ssh-config
. Previously:advanced-ssh-config
- storm
– Manage your SSH like a boss.
- ansible-ssh-config
– Letting Ansible manage
ssh_config
. - ec2ssh
– A
ssh_config
manager for AWS EC2. - ssh-config
– A tool to help manage your
.ssh/config
file.
Tools using the SSH protocol
- scp – Secure remote file copy utility over SSH.
- rsync – Fast incremental transfer utility that supports SSH.
- sftp – File transfer protocol over SSH.
- curl – Command line tool and library to transfer data (support
sftp
).
Servers
- sshportal
– simple, fun, and transparent SSH (& Telnet) Bastion Server
- ssh2docker
– SSH server to Docker containers.
- ssh-proxy
– Dockerized SSH bastion to proxy SSH connections to arbitrary containers.
- whosthere
– A SSH server that knows who you are.
$ ssh whoami.filippo.io
. - sshfront
– Programmable SSH frontend.
- ssh-chat
– Chat over SSH.
- sshcommand
– Turn SSH into a thin client specifically for your app.
- sshmuxd
–
sshmux
frontend. - x84
– A python
telnet
/ssh
server for modern UTF-8 and classic cp437 network virtual terminals. In spirit of classic software such as ami/x, teleguard, renegade, iniquity. - teleport
– Modern SSH server for clusters and teams.
- ShellHub
– A SSH gateway for remotely accessing any Linux device behind firewall and NAT.
Network
- Mosh – The mobile shell.
- sshfs
– Filesystem client based on the SSH File Transfer Protocol.
- ngrok
– Introspected tunnels to localhost.
- localtunnel
– Expose localhost servers to the Internet.
- sshuttle
– Transparent proxy server that works as a poor man’s VPN. Forwards over
ssh
. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling. - sshttp
– SSH/HTTP(S) multiplexer. Run a webserver and a
sshd
on the same port w/o changes. - switcher
– Run SSH and HTTP(S) on the same port.
- sslh
– Applicative Protocol Multiplexer (i.e: SSH + HTTPS).
- tund
– SSH reverse tunnel daemon.
- autossh – Automatically respawn SSH session after network interruption.
- wssh
– SSH to WebSockets Bridge.
- docker-volume-sshfs
–
sshfs
docker volume plugin. - quicssh
– QUIC proxy for SSH
- sshpiper
– The missing reverse proxy for ssh scp.
- sshhub – Web Service: access your SSH servers behind firewalls (ssh-teamviewer).
Multiplexers
- tmux – Terminal multiplexer.
- clusterssh
– Cluster admin via SSH.
- tmux-cssh
–
tmux
with a ClusterSSH-like behavior. - tm
–
tmux
manager / helper. - i2cssh
–
csshX
like SSH tool for iTerm2. - ClusterSSH – Controls a number of
xterm
windows via a single graphical console.
SSH keys / Authentication
- authy-ssh
– Easy two-factor authentication for SSH servers.
- github-auth
– SSH key management for GitHub users.
- cipherhub
– Encrypt messages based on SSH public keys with easy import from GitHub.
- Slack notifications (archived version) – Guide to setup Slack notifications (can be modified for other services).
- totp-ssh-fluxer
– A way to make sure your
sshd
port changes every 30 seconds. - github-keygen
– Easy creation of secure SSH configuration for your GitHub account(s).
- kr
– Kr agent that route access request to the paired mobile phone where Kryptonite is installed.
- ServerAuth – Automatically sync SSH access across servers
SSH agent
- ssh-ident
– Different agents and different keys for different projects, with
ssh
. - oh-my-zsh/plugins/ssh-agent
–
ssh-agent
plugin forzsh
. - sshecret – Automatically create and manage multiple agents for multiple keys.
Tools
- xxh
– Bring your favorite shell wherever you go through the ssh.
- sshrc
– Bring your
.bashrc
,.vimrc
, etc. with you when youssh
. - kyrat
– SSH wrapper script that brings your dotfiles always with you on Linux and OSX.
- ssh-vault
– encrypt/decrypt files using ssh keys
- ssh-ping
– check if host is reachable using ssh_config
- SSHPry v2
– Spy & Control os SSH Connected client’s TTY
- redial
– Terminal Based SSH Session Manager for Unix Systems
Automation
- Ansible
– App deployment, configuration management and orchestration over SSH.
- rtop
– Interactive, remote system monitoring tool based on SSH.
- DSH – Dancer’s shell / distributed shell – Wrapper for executing multiple remote shell commands from one command line.
- parallel-ssh
– Provides parallel versions of OpenSSH and related tools.
- SSH Power Tool – Execute commands and upload files to many servers simultaneously without using pre-shared keys.
Web
- Secure Shell chrome extension
- GateOne
– HTML5-powered terminal emulator and SSH client.
- KeyBox
– Web-based SSH console that centrally manages administrative access to systems.
- Apache Guacamole – Apache Guacamole is a HTML5 based clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
- SSHmon
– Real-time GUI to monitor SSH connections and establish port forwardings.
Testing / Honeypots
- ssh-hammer
– SSH load testing tool.
- kippo
– SSH Honeypot.
- cowrie
– SSH Honeypot (based on kippo).
- sshmitm – SSH monkey-in-the-middle.
- ssh-audit
– A tool for SSH server auditing.
- sshesame
– A fake SSH server that lets everyone in and logs their activity.
Alternatives to SSH
- GoTTY
– Share your terminal as web application.
- telnet – An unencrypted network protocol and an application used to connect to remote computers and issue commands.
- ttyd
– Share your terminal over the web.
- rsh – An unencrypted network protocol and application used to connect to remote computers and issue commands.
Libraries
- C/C++
- libssh – The SSH library.
- Golang
- crypto/ssh – Built-in SSH client and server library.
- sftp
– SFTP support for the go.crypto/ssh package.
- go-sshkit
– Toolkit for building SSH servers and clients in Go.
- Socker
– Library for Go to simplify the use of SSH.
- go-sshkeys – Golang SSH Keys manipulation library
- Java
- jsch – Pure java, BSD licensed, SSH2 client library.
- Javascript/Node.js
- ssh2
– SSH2 client and server modules written in pure JavaScript for node.js.
- ssh2
- Python
- paramiko
– Native Python SSHv2 protocol library.
- paramiko
- Ruby
- net-ssh
– Pure Ruby implementation of an SSH (protocol 2) client.
- net-ssh
Resources
Tutorials
- How to use SSH to Connect to a Remote Server
- Best practices
- Granting Temporary Access to Your Servers (Using Signed SSH Keys)
- How to SSH login without a password
- Gist: SSH Recipes – Collection of recipes for writing awesome ssh config files.
Security
- 01/14/2016 – Integer Overflow
CVE 2016 077[7-8]
. - Security/Guidelines/OpenSSH – MozillaWiki –
sshd\_config
for6.7+
,5.3
. - Applied-Crypto-Hardening
–
sshd\_config
for6.X