{"id":13603007,"url":"https://github.com/tarcieri/ithos","last_synced_at":"2025-03-28T10:33:34.323Z","repository":{"id":56878219,"uuid":"61505099","full_name":"tarcieri/ithos","owner":"tarcieri","description":"A cryptographically verifiable access control and directory system for Linux servers","archived":false,"fork":false,"pushed_at":"2017-07-06T15:48:55.000Z","size":373,"stargazers_count":54,"open_issues_count":0,"forks_count":4,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-18T03:43:51.076Z","etag":null,"topics":["access-control","authentication","authorization","blockchain","capabilities","credentials","database","delegation","directory","ed25519","grpc","kerberos","ldap","pam","password-server","pki","policy","rust","security","x509"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tarcieri.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-06-19T23:29:03.000Z","updated_at":"2024-04-18T17:39:19.000Z","dependencies_parsed_at":"2022-08-20T11:40:38.208Z","dependency_job_id":null,"html_url":"https://github.com/tarcieri/ithos","commit_stats":null,"previous_names":["cryptosphere/ithos"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tarcieri%2Fithos","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tarcieri%2Fithos/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tarcieri%2Fithos/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tarcieri%2Fithos/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tarcieri","download_url":"https://codeload.github.com/tarcieri/ithos/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246012869,"owners_count":20709528,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","authentication","authorization","blockchain","capabilities","credentials","database","delegation","directory","ed25519","grpc","kerberos","ldap","pam","password-server","pki","policy","rust","security","x509"],"created_at":"2024-08-01T18:01:46.358Z","updated_at":"2025-03-28T10:33:33.806Z","avatar_url":"https://github.com/tarcieri.png","language":"Rust","funding_links":[],"categories":["blockchain","Rust"],"sub_categories":[],"readme":"# ithos [![Latest Version][crate-image]][crate-link] [![Build Status][build-image]][build-link] [![Apache 2 licensed][license-image]][license-link]\n\n[crate-image]: https://img.shields.io/crates/v/ithos.svg\n[crate-link]: https://crates.io/crates/ithos\n[build-image]: https://travis-ci.org/cryptosphere/ithos.svg?branch=master\n[build-link]: https://travis-ci.org/cryptosphere/ithos\n[license-image]: https://img.shields.io/badge/license-Apache2-blue.svg\n[license-link]: https://github.com/cryptosphere/ithos-rb/blob/master/LICENSE\n\nModern directory services and credential management\n\n## What is ithos?\n\n**ithos** (pronounced ˈēTHäs like \"ethos\") is a modern directory server\ndesigned to be a master access control system for a fleet of Linux or other\nUnix-like servers. The design is inspired by [LDAP], but using\n[gRPC]\u003csup\u003e†\u003c/sup\u003e and [JSON] APIs in lieu of the LDAP wire protocol. As\n**ithos** is intended for highly secure applications, it's written in the\n[Rust] language to ensure safety.\n\nThe key differentiating feature of **ithos** over other directory servers is the\nuse of a cryptographically authenticated append-only log, similar to a\n\"blockchain\", to mediate all changes to the directory. This means every change\nis fully auditable and can be attributed to one or more credentials for users\nor automated processes who authorized the change.\n\n*\u003csup\u003e†\u003c/sup\u003eNOTE: gRPC support forthcoming*\n\n[LDAP]: https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol\n[gRPC]: http://www.grpc.io/\n[JSON]: http://www.json.org\n[Rust]: https://www.rust-lang.org/\n\n### Is it any good?\n\n[Yes.](http://news.ycombinator.com/item?id=3067434)\n\n### Is it \"Production Ready™\"?\n\n![DANGER: EXPERIMENTAL](https://raw.github.com/cryptosphere/cryptosphere/master/images/experimental.png)\n\n**ithos** does not yet provide the minimum viable functionality it needs to\nbe useful. The documentation below covers the current functionality, but\nit does not yet explain how to deploy a practical production system.\n\ntl;dr: Not ready yet. Check back later.\n\n## Building\n\nThese instructions assume you have a Rust installation. If you haven't yet\ninstalled Rust, please visit https://www.rustup.rs/ for instructions on how to\ninstall Rust.\n\n1. Clone the **ithos** git repository:\n\n    ```\n    $ git clone https://github.com/cryptosphere/ithos.git\n    Cloning into 'ithos'...\n    ```\n\n2. Compile **ithos** with Cargo:\n\n    ```\n    $ cargo build --release\n    ```\n    \n3. Ensure binary works:\n\n    ```\n    $ target/release/ithos -h\n    ithos v0.1\n\n    USAGE:\n        ithos [SUBCOMMAND]\n\n    FLAGS:\n        -h, --help       Prints help information\n        -V, --version    Prints version information\n\n    SUBCOMMANDS:\n        db        Creates a new ithos database\n        domain    Adds a new domain to an ithos database\n        help      Prints this message or the help of the given subcommand(s)\n    ```\n\n## Usage\n\n### Creating a new **ithos** database\n\n1. Create a filesystem directory where the database will live:\n\n    ```\n    $ mkdir my_ithos\n    ```\n\n2. Create a new **ithos** database inside the newly created directory:\n\n    ```\n    $ target/release/ithos db my_ithos\n    Creating database at: my_ithos\n    \n    Database created! Below is the password for the admin user ('manager')\n    Don't lose it! You will need it to perform administrative actions:\n    \n    ITHOS-GENPASS-xitak-refuk-lipef-zuxax-48214\n    ```\n\n3. Create an initial domain within your **ithos** database\n\n    ```\n    $ target/release/ithos domain example.com --path my_ithos\n    Creating domain 'example.com' in database at my_ithos\n    manager's password:\n    Domain example.com created!\n    ```\n\n## License\n\nCopyright (c) 2016-2017 Tony Arcieri. Distributed under the Apache 2.0 License.\nSee [LICENSE] file for further details.\n\n[LICENSE]: https://github.com/cryptosphere/ithos/blob/master/LICENSE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftarcieri%2Fithos","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftarcieri%2Fithos","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftarcieri%2Fithos/lists"}