SSH proxy server.

These details have not been verified by PyPI

Project links

Homepage

Project description

ssh-bastion

SSH proxy server.

Transport ssh connection to other servers.

Based on paramiko👍.

Why

System managers may want to limit access routes to their servers, so this tool can act as a bastion or proxy or whatever-you-call server.

And also if you want the activities of what users did on these servers, the logging function could help.

What can do

Just works as a normal ssh server.
Connect to other ssh servers through this tool.

What can not do

GSSAPI(Kerberos) authentication: Nah...
Port, X11 or any other forwarding: Not the purpose of this project.

Requirements

Python: 3.6+
- paramiko
- python-pam
- six (Needed by python-pam😟)
OS: Linux
- PAM module
- Shell
- OpenSSH-client (for scp)
- OpenSSH-server (for sftp)

Installation

pip install ssh-bastion

Usage

To start the server:

ssh-bastion -s

For more information:

ssh-bastion -h

As a normal ssh server, you know how to use it.
As a proxy server:
- Use username like this: <username of proxy>#<username of target>@<hostname or IP of target>[:<port of target>]
  - You need to use "%" to escape "#", "@", "%" in both usernames.
    
    For example: A%@very%#strange%%username#%#another%%strange%username@192.168.1.100:2222
    
    This will connect to 192.168.1.100:2222 with user #another%strangeusername via user A@very#strange%username on proxy server.
- Use password like this: <password of proxy>#<password of target>
  - Same as username, you need to use "%" to escape "#" in both passwords.
- When use private key authentication, put the key in ~/.ssh, and name it like this: <username of target>@<hostname or IP of target>[:<port of target>]
  - Use "%" to escape "@" in username.

Still working on😴

Make command line tool.
1. ~~Start the server.~~
2. ~~Set/unset systemd unit file. (Including reload)~~
3. Generate default config file.
4. Show parsed configuration.
~~PyPI packaglize.~~
Private key authentication.
Logging.
1. System log
  1. DEBUG
  2. INFO
  3. WARNING
  4. ERROR
  5. CRITICAL
  6. OFF
2. Access log
  1. DUMP (file)
  2. INFO
  3. OFF
3. File (transfer) log
  1. DUMP (file)
  2. INFO
  3. OFF
Configuration file. (Including accesss control)

Vulnerabilities😴

Not yet, will check after all features are done.

Disclaimer

Use at your own risk.

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

This version

0.1.3

Jun 28, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ssh_bastion-0.1.3.tar.gz (15.1 kB view details)

Uploaded Jun 28, 2024 Source

Built Distribution

ssh_bastion-0.1.3-py3-none-any.whl (15.0 kB view details)

Uploaded Jun 28, 2024 Python 3

File details

Details for the file ssh_bastion-0.1.3.tar.gz.

File metadata

Download URL: ssh_bastion-0.1.3.tar.gz
Upload date: Jun 28, 2024
Size: 15.1 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.12.4

File hashes

Hashes for ssh_bastion-0.1.3.tar.gz
Algorithm	Hash digest
SHA256	`3c37fbf2f24c995120d66eb313513f6c78c2f592e7c7500f2f3deec11d4ac35b`
MD5	`e8bc0026dcca9749d389beb2dba2cf48`
BLAKE2b-256	`7cb715d820e864cb90613cbfc644f8220695cf78a3cfb9e1b518e0ad148b0986`

See more details on using hashes here.

File details

Details for the file ssh_bastion-0.1.3-py3-none-any.whl.

File metadata

Download URL: ssh_bastion-0.1.3-py3-none-any.whl
Upload date: Jun 28, 2024
Size: 15.0 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.12.4

File hashes

Hashes for ssh_bastion-0.1.3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`63dc8a8892cd5ca9354432fd9c95f71410bd57afb4ea4e527a4eb430d59f95d5`
MD5	`0ec5e38a008597fbf26b0772778ee128`
BLAKE2b-256	`411cda1debf3cbc61bca4e97e786a49dcba54a9986043989a3038d8d6575e203`