https://github.com/dokku/sshcommand

Turn SSH into a thin client specifically for your app
https://github.com/dokku/sshcommand

Last synced: 2 months ago
JSON representation

Turn SSH into a thin client specifically for your app

• Host: GitHub
• URL: https://github.com/dokku/sshcommand
• Owner: dokku
• License: mit
• Created: 2013-06-12T00:31:01.000Z (over 11 years ago)
• Default Branch: main
• Last Pushed: 2024-10-28T18:51:49.000Z (3 months ago)
• Last Synced: 2024-10-30T00:56:06.377Z (3 months ago)
• Language: Shell
• Homepage:
• Size: 223 KB
• Stars: 376
• Watchers: 11
• Forks: 50
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-ssh - sshcommand - Turn *SSH* into a thin client specifically for your app. (Apps / Servers)
• awesome-ssh - sshcommand - Turn *SSH* into a thin client specifically for your app. (Apps / Servers)
• awesome-starred - dokku/sshcommand - Turn SSH into a thin client specifically for your app (others)

README

        
# sshcommand

Simplifies running a single command over SSH, and manages authorized keys (ACL) and users in order to do so.

It basically simplifies running:

```shell

ssh user@server 'ls -l '

```

into:

```shell

ssh ls@server 

```

## Commands

```shell

sshcommand create                                     # Creates a local system user and installs sshcommand skeleton

sshcommand acl-add                             # Adds named SSH key to user from STDIN or argument

sshcommand acl-remove                                    # Removes SSH key by name

sshcommand acl-remove-by-fingerprint              # Removes SSH key by fingerprint

sshcommand list                       [] [] # Lists SSH keys by user, an optional name and a optional output format (JSON)

sshcommand help                                             # Shows help information

sshcommand version                                                   # Shows version

```

## Example

On a server, create a new command user:

```shell

sshcommand create cmd /path/to/command

```

On your computer, add authorized keys with your key:

```shell

cat ~/.ssh/id_rsa.pub | ssh root@server sshcommand acl-add cmd progrium

```

If the public key is already on the server, you may also specify it as an argument:

```shell

ssh root@server sshcommand acl-add cmd progrium ~/.ssh/id_rsa.pub

```

By default, key names and fingerprints must be unique. Both of these checks can be disabled by setting the following environment variables to `false`:

```shell

export SSHCOMMAND_CHECK_DUPLICATE_FINGERPRINT="false"

export SSHCOMMAND_CHECK_DUPLICATE_NAME="false"

```

Now anywhere with the private key you can easily run:

```shell

ssh cmd@server

```

Anything you pass as the command string will be appended to the command. You can use this

to pass arguments or if your command takes subcommands, expose those subcommands easily.

```shell

/path/to/command subcommand

```

Can be run remotely with:

```shell

ssh cmd@server subcommand

```

When adding an authorized key, you can also specify custom options for `AUTHORIZED_KEYS`

by specifying the `SSHCOMMAND_ALLOWED_KEYS` environment variable. This should be a list

of comma-separated options. The default keys are as follows:

```shell

no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding

```

This can be useful for cases where the ssh server does not allow certain options or you

wish to further constrain a user's environment. Please see `man sshd` for more information.