{"id":18031649,"url":"https://github.com/cmoog/sshproxy","last_synced_at":"2025-06-29T01:37:01.033Z","repository":{"id":57565227,"uuid":"336921757","full_name":"cmoog/sshproxy","owner":"cmoog","description":"An authentication termination SSH proxy.","archived":false,"fork":false,"pushed_at":"2023-09-08T19:11:07.000Z","size":43,"stargazers_count":13,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-23T04:25:15.336Z","etag":null,"topics":["golang","reverse-proxy","ssh","ssh-proxy"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cmoog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-08T00:35:24.000Z","updated_at":"2025-02-22T02:09:29.000Z","dependencies_parsed_at":"2024-06-19T16:04:42.653Z","dependency_job_id":null,"html_url":"https://github.com/cmoog/sshproxy","commit_stats":null,"previous_names":["cmoog/sshutil"],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmoog%2Fsshproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmoog%2Fsshproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmoog%2Fsshproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmoog%2Fsshproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cmoog","download_url":"https://codeload.github.com/cmoog/sshproxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245791328,"owners_count":20672664,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","reverse-proxy","ssh","ssh-proxy"],"created_at":"2024-10-30T10:10:04.050Z","updated_at":"2025-03-27T05:30:51.663Z","avatar_url":"https://github.com/cmoog.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sshproxy\n\n[![Documentation](https://godoc.org/github.com/cmoog/sshproxy?status.svg)](https://pkg.go.dev/github.com/cmoog/sshproxy)\n[![Go Report Card](https://goreportcard.com/badge/github.com/cmoog/sshproxy)](https://goreportcard.com/report/github.com/cmoog/sshproxy)\n[![codecov](https://codecov.io/gh/cmoog/sshproxy/branch/master/graph/badge.svg?token=IQ87G7H7OA)](https://codecov.io/gh/cmoog/sshproxy)\n\nPackage sshproxy provides a slim SSH reverse proxy built\natop the `golang.org/x/crypto/ssh` package.\n\n```text\ngo get github.com/cmoog/sshproxy\n```\n\n## Authorization termination proxy\n\n`sshproxy.ReverseProxy` implements a single host reverse proxy\nfor SSH servers and clients. Its API is modeled after the ergonomics\nof the [HTTP reverse proxy](https://pkg.go.dev/net/http/httputil#ReverseProxy) implementation\nfrom the standard library.\n\nIt enables the proxy to perform authorization termination,\nwhereby custom authorization logic of the single entrypoint can protect\na set of SSH hosts hidden in a private network.\n\nFor example, one could conceivably use OAuth as a basis for verifying\nidentity and ownership of public keys.\n\n## Example usage\n\nConsider the following bare-bones example with error handling omitted for brevity.\n\n```go\npackage main\n\nimport (\n  \"net\"\n  \"golang.org/x/crypto/ssh\"\n  \"github.com/cmoog/sshproxy\"\n)\n\nfunc main() {\n  serverConfig := ssh.ServerConfig{\n    // TODO: add your custom public key authentication logic\n    PublicKeyCallback: customPublicKeyAuthenticationLogic\n  }\n  serverConfig.AddHostKey(reverseProxyHostKey)\n\n  listener, _ := net.Listen(\"tcp\", reverseProxyEntrypoint)\n  for {\n    clientConnection, _ := listener.Accept()\n    go func() {\n      defer clientConnection.Close()\n      sshConn, sshChannels, sshRequests, _ := ssh.NewServerConn(clientConnection, \u0026serverConfig)\n\n      // TODO: add your custom routing logic based the SSH `user` string, and/or the public key\n      targetServer, targetServerConnectionConfig := customRoutingLogic(sshConn.User())\n\n      proxy := sshproxy.New(targetServer, targetServerConnectionConfig)\n      _ = proxy.Serve(ctx, sshConn, sshChannels, sshRequests)\n    }()\n  }\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcmoog%2Fsshproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcmoog%2Fsshproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcmoog%2Fsshproxy/lists"}