Skip to main content

Simple SSH key management service

Project description

Join the chat at https://gitter.im/spoqa/geofront Latest PyPI version Read the Docs https://travis-ci.org/spoqa/geofront.svg?branch=master https://codecov.io/gh/spoqa/geofront/branch/master/graph/badge.svg

Geofront is a simple SSH key management server. It helps to maintain servers to SSH, and authorized_keys list for them. Read the docs for more details.

Situations

  • If the team maintains authorized_keys list of all servers owned by the team:

    • When someone joins or leaves the team, all lists have to be updated.

    • Who do update the list?

  • If the team maintains shared private keys to SSH servers:

    • These keys have to be expired when someone leaves the team.

    • There should be a shared storage for the keys. (Dropbox? srsly?)

    • Everyone might need to add -i option to use team’s own key.

  • The above ways are both hard to scale servers. Imagine your team has more than 10 servers.

Idea

  1. Geofront has its own master key. The private key is never shared. The master key is periodically and automatically regened.

  2. Every server has a simple authorized_keys list, which authorizes only the master key.

  3. Every member registers their own public key to Geofront. The registration can be omitted if the key storage is GitHub, Bitbucket, etc.

  4. A member requests to SSH a server, then Geofront temporarily (about 30 seconds, or a minute) adds their public key to authorized_keys of the requested server.

Prerequisites

Author and license

Geofront is written by Hong Minhee, maintained by Spoqa, and licensed under AGPL3 or later. You can find the source code from GitHub:

$ git clone git://github.com/spoqa/geofront.git

Missing features

(Contributions would be appreciated!)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Geofront-0.4.0.tar.gz (43.2 kB view details)

Uploaded Source

Built Distribution

Geofront-0.4.0-py3-none-any.whl (56.0 kB view details)

Uploaded Python 3

File details

Details for the file Geofront-0.4.0.tar.gz.

File metadata

  • Download URL: Geofront-0.4.0.tar.gz
  • Upload date:
  • Size: 43.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for Geofront-0.4.0.tar.gz
Algorithm Hash digest
SHA256 073e1e96466e5a62a6a56a7fc5a837a5d99e3000b1f70e9deba4234114d750f9
MD5 58937b4392ac1fc67a7c8822f1051163
BLAKE2b-256 c65bb0f7c6ee0764b1cd6532cc85e8dbaad2a7668b1ae314591a974fdb219c5b

See more details on using hashes here.

Provenance

File details

Details for the file Geofront-0.4.0-py3-none-any.whl.

File metadata

File hashes

Hashes for Geofront-0.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 40319668985f080f814fa2dfcd04704d89134849f4dac6ccd6cb88442c397596
MD5 435bac7314c0abdca0ce4458cb944b6e
BLAKE2b-256 bdea1b2f6d36a5b96c9f184457f92f6bc6124845b8f2d99a40f094eb1221fc77

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page