{"id":47681031,"url":"https://github.com/cego/james","last_synced_at":"2026-04-02T13:59:31.882Z","repository":{"id":55553778,"uuid":"240456066","full_name":"cego/james","owner":"cego","description":"A helper for AuthorizedKeysCommand","archived":false,"fork":false,"pushed_at":"2026-01-28T12:00:22.000Z","size":54,"stargazers_count":4,"open_issues_count":0,"forks_count":2,"subscribers_count":5,"default_branch":"master","last_synced_at":"2026-01-28T23:22:07.583Z","etag":null,"topics":["ssh-key","ssh-server"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cego.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-02-14T07:55:08.000Z","updated_at":"2026-01-28T12:00:27.000Z","dependencies_parsed_at":"2024-02-06T08:39:38.747Z","dependency_job_id":"5cdff036-b507-4119-bde7-2f3cd9b3fee3","html_url":"https://github.com/cego/james","commit_stats":{"total_commits":20,"total_committers":4,"mean_commits":5.0,"dds":0.4,"last_synced_commit":"40837c2bd145b9d19fd277cdc3e147a814c90025"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/cego/james","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cego%2Fjames","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cego%2Fjames/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cego%2Fjames/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cego%2Fjames/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cego","download_url":"https://codeload.github.com/cego/james/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cego%2Fjames/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31307437,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ssh-key","ssh-server"],"created_at":"2026-04-02T13:59:31.707Z","updated_at":"2026-04-02T13:59:31.857Z","avatar_url":"https://github.com/cego.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# james\n\njames is a utility to be used as a `AuthorizedKeysCommand` for OpenSSH.\n\nIt is designed to fetch a list of authorized keys from a remote HTTPS\nserver.\n\n## Installation\n\nGrab a binary from a releases or compile from source. Nothing magical.\n\n## Running\n\njames should be added to `sshd_config` as `AuthorizedKeysCommand`.\n\nThe following tokens from OpenSSH are supported:\n\n| Token | Flag | Description                                              | Form key    |\n|-------|------|----------------------------------------------------------|-------------|\n| %f    | -f   | The fingerprint of the key or certificate                | fingerprint |\n| %h    | -h   | The home directory of the user                           | home        |\n| %k    | -k   | The base64-encoded key or certificate for authentication | key         |\n| %t    | -t   | The key or certificate type                              | keytype     |\n| %U    | -U   | The numeric user ID of the target user                   | uid         |\n| %u    | -u   | The username                                             | username    |\n\n### Additional flags\n\n| Flag              | Default                            | Description                           |\n|-------------------|------------------------------------|---------------------------------------|\n| --url             | https://github.com/[username].keys | URL to retrieve keys from             |\n| --hostname        | auto-detected                      | The local hostname                    |\n| --port            | 22                                 | TCP port of the local SSH server      |\n| --use-syslog      | true                               | Log to syslog                         |\n| --guess-remote-ip | true                               | Try to guess remote IP. Requires root |\n| --dump \u003cpath\u003e     |                                    | Dump HTTP traffic to path             |\n\n## Implement the server-side\n\njames will issue a `GET` request containing the following parameters.\nMost optional.\n\n| Name             | Description                                                      |\n|------------------|------------------------------------------------------------------|\n| service_hostname | Will try to guess or use hostname provided from --hostname       |\n| service_port *   | Will assume standard port if none provided using --port          |\n| remote_ip *      | Will only be provided if --guess-remote-ip=false is not provided |\n| fingerprint *    | -f flag                                                          |\n| home *           | -h flag                                                          |\n| key *            | -k flag                                                          |\n| keytype *        | -t flag                                                          |\n| uid *            | -U flag                                                          |\n| username *       | -u flag                                                          |\n\n*: Optional\n\nThe complete response from the server will be written to standard\noutput. Server failures (HTTP response code 5xx) will be retried\nfive times with exponential backoff before giving up.\n\n## Examples\n\n### Allowing all keys from the Github user nat\n\n```\nAuthorizedKeysCommand /sbin/james --url https://github.com/nat.keys --guess-remote-ip=false\nAuthorizedKeysCommandUser nobody\n```\n\n### Retrieving keys from a Github user named as the user trying to authenticate\n\n```\nAuthorizedKeysCommand /sbin/james --guess-remote-ip=false\nAuthorizedKeysCommandUser nobody\n```\n\n### Contact something intelligent getting a list of keys\n\n```\nAuthorizedKeysCommand /sbin/james --url https://ssh-gatekeeper.example.com -f %f -u %u\nAuthorizedKeysCommandUser root # required to guess remote IP\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcego%2Fjames","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcego%2Fjames","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcego%2Fjames/lists"}