{"id":18747654,"url":"https://github.com/quantum5/sshauthproxy","last_synced_at":"2025-11-24T19:30:16.044Z","repository":{"id":57470807,"uuid":"158898155","full_name":"quantum5/sshauthproxy","owner":"quantum5","description":"SSH AuthorizedKeysCommand proxy: publish your SSH authorized_keys from an existing AuthorizedKeysCommand","archived":false,"fork":false,"pushed_at":"2018-11-24T03:12:53.000Z","size":14,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-29T11:47:29.460Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quantum5.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-11-24T03:12:36.000Z","updated_at":"2020-06-22T03:44:54.000Z","dependencies_parsed_at":"2022-09-26T17:40:36.305Z","dependency_job_id":null,"html_url":"https://github.com/quantum5/sshauthproxy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quantum5%2Fsshauthproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quantum5%2Fsshauthproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quantum5%2Fsshauthproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quantum5%2Fsshauthproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quantum5","download_url":"https://codeload.github.com/quantum5/sshauthproxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239634465,"owners_count":19672183,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T16:30:51.021Z","updated_at":"2025-11-24T19:30:15.954Z","avatar_url":"https://github.com/quantum5.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# `sshauthproxy` [![PyPI](https://img.shields.io/pypi/v/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/) [![PyPI - Format](https://img.shields.io/pypi/format/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/) [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/)\n\n`sshauthproxy` is a simple `tornado`-based daemon that exports your SSH keys\nfrom an `AuthorizedKeysCommand` via a simple HTTP-based API.\n\n## Why?\n\nI am rather fond of `sss_ssh_authorizedkeys` and managing SSH keys in LDAP.\nHowever, I would like to be able to pull SSH keys from an LDAP directory on\nservers that I do not want to be added to the directory. Now, I can run\n`sshauthproxy` on a server in the directory, and pull the keys from any server\nI want.\n\nWhile the default `AuthorizedKeysCommand` is `sss_ssh_authorizedkeys`, I am\nsure there are other `AuthorizedKeysCommand` that would be useful when proxied.\n\n## Installation\n\n```\n# On the machine publishing the keys (server):\npip install sshauthproxy\n\n# Run the server:\nsshauthproxy [--address=\u003cthe IP to listen on\u003e] [--port=\u003cport to listen on\u003e]\n# To proxy something other than sss_ssh_authorizedkeys, specify --command=\u003cyour command\u003e.\n# By default, the server binds to 0.0.0.0:8888 and [::]:8888.\n\n# On the machine using the keys (client):\nsudo curl https://raw.githubusercontent.com/quantum5/sshauthproxy/master/sshauth-client -o/usr/local/bin/sshauth-client\necho https://sshauth.example.com | sudo tee /etc/sshauth-server\n\n# Now add the following lines to /etc/ssh/sshd_config on the client:\nAuthorizedKeysCommand /usr/local/bin/sshauth-client\nAuthorizedKeysCommandUser nobody\n```\n\n## API\n\nThe API is very simple:\n\n* `GET /`: shows usage information.\n* `GET /\u003cusername\u003e`: shows the SSH keys for the given username, if available.\n  Otherwise, it returns 404 with a blank response body.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquantum5%2Fsshauthproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquantum5%2Fsshauthproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquantum5%2Fsshauthproxy/lists"}