{"id":20282579,"url":"https://github.com/veops/oneterm","last_synced_at":"2025-05-15T00:11:02.327Z","repository":{"id":219880308,"uuid":"750108230","full_name":"veops/oneterm","owner":"veops","description":"Provide secure access and control over all infrastructure","archived":false,"fork":false,"pushed_at":"2025-02-12T03:48:17.000Z","size":8797,"stargazers_count":652,"open_issues_count":8,"forks_count":80,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-02-18T03:01:49.673Z","etag":null,"topics":["bastion","golang","oneterm","rdp","ssh","terminal","vnc","vue"],"latest_commit_sha":null,"homepage":"https://term.veops.cn/oneterm","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/veops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-30T01:58:43.000Z","updated_at":"2025-02-18T02:46:45.000Z","dependencies_parsed_at":"2024-04-01T08:26:16.924Z","dependency_job_id":"f914186f-ddf9-485a-b47b-b4ca972425a2","html_url":"https://github.com/veops/oneterm","commit_stats":null,"previous_names":["veops/oneterm"],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veops%2Foneterm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veops%2Foneterm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veops%2Foneterm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veops%2Foneterm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/veops","download_url":"https://codeload.github.com/veops/oneterm/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248441634,"owners_count":21104034,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bastion","golang","oneterm","rdp","ssh","terminal","vnc","vue"],"created_at":"2024-11-14T14:10:24.629Z","updated_at":"2025-04-11T16:37:31.831Z","avatar_url":"https://github.com/veops.png","language":"Go","funding_links":[],"categories":["Go","堡垒机"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/user-attachments/assets/ab00344b-462b-44b9-9113-9fe735dfb096\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/veops/oneterm/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/veops/oneterm\" alt=\"Apache License 2.0\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/veops/oneterm/releases\"\u003e\u003cimg alt=\"the latest release version\" src=\"https://img.shields.io/github/v/release/veops/oneterm?color=75C1C4\u0026include_prereleases\u0026label=Release\u0026logo=github\u0026logoColor=white\"\u003e\u003c/a\u003e\n  \u003ca href=\"\"\u003e\u003cimg src=\"https://img.shields.io/badge/Go-%3E%3D%201.18-%23007d9c\" alt=\"go\u003e=1.18\"\u003e\u003c/a\u003e\n  \u003ca href=\"https:https://github.com/sendya/ant-design-pro-vue\"\u003e\u003cimg src=\"https://img.shields.io/badge/UI-Ant%20Design%20Pro%20Vue-brightgreen\" alt=\"UI\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/veops/oneterm/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/veops/oneterm\" alt=\"Stars Badge\"/\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/veops/oneterm\"\u003e\u003cimg src=\"https://img.shields.io/github/forks/veops/oneterm\" alt=\"Forks Badge\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch4 align=\"center\"\u003e\n A Simple, Lightweight, Flexible Bastion Host.\n\u003c/h4\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://trendshift.io/repositories/8690\" target=\"_blank\"\u003e\u003cimg src=\"https://trendshift.io/api/badge/repositories/8690\" alt=\"veops%2Foneterm | Trendshift\" style=\"width: 250px; height: 55px;\" width=\"250\" height=\"55\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  English · \u003ca href=\"README_cn.md\"\u003e中文(简体)\u003c/a\u003e\n\u003c/p\u003e\n\n## What is OneTerm\n\nOneTerm is a simple, lightweight and flexible enterprise-class bastion host, designed and developed based on 4A compliant, i.e. Authen, Authorize, Account, and Audit, which ensures the security and compliance of the system through strict access control and monitoring features.\n\n- Product document：https://veops.cn/docs/docs/oneterm/onterm_design\n- Preview online：[OneTerm](https://term.veops.cn/oneterm/workstation)\n  - username: **demo** or **admin**\n  - password: 123456\n- **ATTENTION**: branch `main` may be unstable as the result of continued development, Please use [releases](https://github.com/veops/oneterm/releases) to get the latest stable version\n\n## Core Feature\n\n+ **Access control**: Acting as an intermediary, OneTerm restricts direct access to critical systems. Users must authenticate through OneTerm before accessing other servers or systems.\n\n+ **Security audit**: OneTerm can record user logins and activities, providing audit logs for investigation in case of security incidents. This ensures that every user's actions are traceable and auditable.\n\n+ **Jump access to**: OneTerm offers a jump host mechanism, allowing users to connect to other internal servers through OneTerm. This helps reduce the risk of exposing internal servers directly to the outside, as only OneTerm needs to be accessible externally.\n\n+ **Password management**: OneTerm can enforce robust password policies and centrally manage passwords through a single entry point. This helps improve the overall system's password security.\n\n+ **Session recording**: OneTerm can record user sessions with servers, which is valuable for monitoring and investigating privileged user activities. In case of security incidents, session recordings can be replayed to understand detailed operations.\n\n+ **Prevent direct attacks**: Since OneTerm is the sole entry point for systems and resources, it can serve as a primary obstacle for attackers. This helps reduce the risk of direct attacks on internal systems.\n\n+ **Unified access**: OneTerm provides a single entry point through which users can access different systems without needing to remember multiple login credentials. This enhances user convenience and work efficiency.\n\n## Product Advantage\n\n+ **Authentication and Authorization**: Authentication and Authorization: OneTerm should have a robust and flexible identity authentication and authorization mechanism. This includes supporting multi-factor authentication to ensure that only authorized users can access internal network resources and enabling fine-grained management of user permissions. \n+ **Secure communication**: OneTerm supports secure communication protocols and encryption technologies to protect data transmission between users and internal servers. This helps prevent man-in-the-middle attacks and data leakage. \n+ **Audit and monitoring**: OneTerm features powerful audit and monitoring capabilities, recording user activities and generating audit logs. This helps trace security incidents, identify potential threats, and meet compliance requirements. \n+ **Remote Management and Session Isolation**: OneTerm supports remote management, allowing administrators to securely manage internal servers. Additionally, it should have session isolation functionality to ensure that access between users is isolated from each other, preventing lateral movement attacks. \n+ **Combination with open source CMDB**: Oneterm is combined with [VE CMDB](https://github.com/veops/cmdb) (which has been open source), users can import assets in CMDB with one click, ensuring easy operation and smooth process.\n\n## Tech Stack\n\n+ Back-end: Go\n+ Front-end: Vue.js\n+ UI component library: Ant Design Vue\n\n## Getting started \u0026 staying tuned with us\n\nStar us, and you will receive all releases notifications from GitHub without any delay!\n\n![star us](https://github.com/user-attachments/assets/75c03659-4200-469e-b210-087a4d4473b6)\n\n## Overview\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd style=\"padding: 5px;background-color:#fff;\"\u003e\n      \u003cimg width=\"400\" src=\"https://github.com/user-attachments/assets/abefbe07-13d6-44b0-8622-a0c7130d5b0d\"/\u003e\n    \u003c/td\u003e\n    \u003ctd style=\"padding: 5px;background-color:#fff;\"\u003e\n      \u003cimg width=\"400\" src=\"https://github.com/user-attachments/assets/3a69c779-3f37-4c5b-8ade-2dffa99a2efd\"/\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\n  \u003ctr\u003e\n    \u003ctd style=\"padding: 5px;background-color:#fff;\"\u003e\n      \u003cimg width=\"400\" src=\"https://github.com/user-attachments/assets/befcfae7-f24a-48a2-a730-8e8d02483ea9\"/\u003e\n    \u003c/td\u003e\n    \u003ctd style=\"padding: 5px;background-color:#fff;\"\u003e\n      \u003cimg width=\"400\" src=\"https://github.com/user-attachments/assets/75d33250-af61-4c22-b839-cd6ba9ecd551\"/\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n## Quick Start\n\n+ docker-compose install\n  ```bash\n  git clone https://github.com/veops/oneterm.git\n  cd oneterm/deploy\n  docker compose up -d\n  ```\n+ visit\n  - Open your browser and visit: [http://127.0.0.1:8666](http://127.0.0.1:8666)\n  - Username: admin\n  - Password: 123456\n\n## Contributing\n\nWe welcome all developers to contribute code to improve and extend this project. Please read our [contribution guidelines](CONTRIBUTING.md) first. Additionally, you can support Veops open source through social media, events, and sharing.\n\n\u003ca href=\"https://github.com/veops/oneterm/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=veops/oneterm\" /\u003e\n\u003c/a\u003e\n\n## More Open Source\n- [CMDB](https://github.com/veops/cmdb): Simple, lightweight, and versatile operational CMDB\n- [ACL](https://github.com/veops/acl): A general permission control management system.\n- [messenger](https://github.com/veops/messenger): A simple and lightweight message sending service.\n\n## Community\n\n+ Email: \u003ca href=\"mailto:bd@veops.cn\"\u003ebd@veops.cn\u003c/a\u003e\n+ WeChat official account: Welcome to follow our WeChat official account and join our group channels\n  \u003cimg src=\"docs/images/wechat.png\" alt=\"WeChat official account\" /\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fveops%2Foneterm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fveops%2Foneterm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fveops%2Foneterm/lists"}