https://github.com/xor-gate/go-ssh-keyholder
Golang implementation of mediawiki/keyholder - Securely share ssh agents among groups of users
https://github.com/xor-gate/go-ssh-keyholder
access-control authentication bastion bastion-tools domain-socket go golang identities keyholder proxy secured security-hardening security-tools ssh ssh-agent ssh-keyholder ssh-keys
Last synced: about 1 year ago
JSON representation
Golang implementation of mediawiki/keyholder - Securely share ssh agents among groups of users
- Host: GitHub
- URL: https://github.com/xor-gate/go-ssh-keyholder
- Owner: xor-gate
- License: mit
- Created: 2018-10-31T12:23:57.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2023-07-16T10:19:54.000Z (almost 3 years ago)
- Last Synced: 2025-03-07T14:11:34.940Z (over 1 year ago)
- Topics: access-control, authentication, bastion, bastion-tools, domain-socket, go, golang, identities, keyholder, proxy, secured, security-hardening, security-tools, ssh, ssh-agent, ssh-keyholder, ssh-keys
- Language: Go
- Homepage:
- Size: 18.6 KB
- Stars: 3
- Watchers: 1
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# go-ssh-keyholder
Go implementation of the MediaWiki KeyHolder for securely sharing ssh a secured and system wide SSH agent among groups of users.
# Installation
The go-ssh-keyholder only works under UNIX-like OS'es. Currently supported are Linux `SO_PEERCRED` and FreeBSD `LOCAL_PEERCRED` for reading the Uid and Gid of the unix socket ssh agent client connection.
`go get github.com/xor-gate/go-ssh-keyholder`
# Usage
```
go-ssh-keyholder -config /path/to/go-keyholder.yml
export SSH_AUTH_SOCK=/path/to/go-keyholder.agent.sock
ssh-add
ssh
```
# Documentation
* https://blog.wikimedia.org/2017/03/22/keyholder/
* https://github.com/wikimedia/keyholder
* http://www.unixwiz.net/techtips/ssh-agent-forwarding.html
# See also
* https://github.com/cptpcrd/unix_cred
# License
[MIT](LICENSE)