Simple SSH key management service
Project description
Geofront is a simple SSH key management server. It helps to maintain servers to SSH, and authorized_keys list for them. Read the docs for more details.
Situations
- If the team maintains authorized_keys list of all servers owned
by the team:
- When someone joins or leaves the team, all lists have to be updated.
- Who do update the list?
- If the team maintains shared private keys to SSH servers:
- These keys have to be expired when someone leaves the team.
- There should be a shared storage for the keys. (Dropbox? srsly?)
- Everyone might need to add -i option to use team’s own key.
- The above ways are both hard to scale servers. Imagine your team has more than 10 servers.
Idea
- Geofront has its own master key. The private key is never shared. The master key is periodically and automatically regened.
- Every server has a simple authorized_keys list, which authorizes only the master key.
- Every member registers their own public key to Geofront. The registration can be omitted if the key storage is GitHub, Bitbucket, etc.
- A member requests to SSH a server, then Geofront temporarily (about 30 seconds, or a minute) adds their public key to authorized_keys of the requested server.
Prerequisites
- Linux, BSD, Mac
- Python 3.3+
- Third-party packages (automatically installed together)
- Paramiko 2.0.1+ (which requires cryptography)
- Werkzeug 0.11+
- Flask 0.10.1+
- OAuthLib 1.1.1+
- Apache Libcloud 1.1.0+
- Waitress 1.0.2+
- singledispatch (only if Python is older than 3.4)
- typing (only if Python is older than 3.5)
- typeguard 2.1.1+
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Geofront-0.4.0.tar.gz
(43.2 kB
view hashes)
Built Distribution
Geofront-0.4.0-py3-none-any.whl
(56.0 kB
view hashes)