Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/elara6331/seashell

Custom SSH server with virtual hosts and username-based routing
https://github.com/elara6331/seashell

docker go golang linux nomad serial serialport ssh ssh-server

Last synced: about 1 month ago
JSON representation

Custom SSH server with virtual hosts and username-based routing

Host: GitHub
URL: https://github.com/elara6331/seashell
Owner: Elara6331
License: agpl-3.0
Created: 2024-08-04T20:58:27.000Z (6 months ago)
Default Branch: master
Last Pushed: 2024-08-13T00:43:22.000Z (5 months ago)
Last Synced: 2024-08-13T02:27:25.558Z (5 months ago)
Topics: docker, go, golang, linux, nomad, serial, serialport, ssh, ssh-server
Language: Go
Homepage: https://gitea.elara.ws/Elara6331/seashell
Size: 58.6 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

Seashell logo

---

Seashell is a custom SSH server that implements virtual hosts with username-based routing, allowing users to securely access shells inside VMs, containers, or even on serial ports. It also features its own authentication and permissions system, independent of system users.

## Features

### Fail2Ban

Seashell has a built-in rate limiter for failed logins. If a user exceeds the configured amount of failed login attempts within the specified time interval, they will be blocked from making any further login attempts until the time interval passes.

### Permissions

Seashell comes with a granular permissions system that allows you to allow or deny access to specific resources for specific users or groups of users. This allows you to safely provide shell access to users without also giving them access to any unintended resources.

## Integrations

### Docker

Seashell can integrate with Docker to provide remote shell access into a container. For example, with a route configured to match `docker\\.(.+)`, you can use the following `ssh` command to get a shell inside the `example` container:

```bash
ssh user:[email protected]
```

See the [docker](https://gitea.elara.ws/Elara6331/seashell/wiki/Backends#docker) documentation for more info.

### Nomad

Seashell can integrate with a Nomad cluster to provide remote shell access into a Nomad allocation. For example, with a route configured to match `nomad\\.(.+)`, you can use the following `ssh` command to get a shell in the first allocation in the `example` job:

```bash
ssh user:[email protected]
```

If your job has several tasks, you can specify the task you want like so:

```bash
ssh user:[email protected]
```

See the [nomad](https://gitea.elara.ws/Elara6331/seashell/wiki/Backends#nomad) documentation for more info.

### Serial

Seashell can provide remote access to a physical serial port. For example, with a route configured to match `serial\\.(.+)`, you can use the following `ssh` command to get a access to `/dev/ttyS0`:

```bash
ssh user:[email protected]
```

If the baud rate and mode are unknown beforehand, you can specify them in the ssh command, like so:

```bash
ssh user:[email protected]
```

See the [serial](https://gitea.elara.ws/Elara6331/seashell/wiki/Backends#serial) documentation for more info.

### Proxy

Seashell can proxy another SSH server. In this case, your client will authenticate to seashell and then seashell will authenticate to the target server, so you should provide seashell with a private key to use for authentication and encryption. If you don't provide this, seashell will ask the authenticating user for the target server's password.

Here's an example command:

```bash
ssh user:[email protected]
```

See the [proxy](https://gitea.elara.ws/Elara6331/seashell/wiki/Backends#proxy) documentation for more info.