Making SSH more convenient
OpenSSH is a BSD/Linux implementation of SSH1 and SSH2 for encrypted terminal connections, tunneling and file transfers. It includes the sshd server, scp and sftp, and various utility tools such as ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen, and the sftp-server.
Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. We call it clientless because no plugins or client software are required. Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.
PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, along with an xterm terminal emulator.
sshdo - controls which commands may be executed via incoming ssh. sshdo provides an easily configurable way of controlling which commands may be executed via incoming ssh connections by specific users and specific keys. Training mode allows a key to be used for any command, while logging them. Then sshdo can learn from the logs to know what commands to allow. It can also unlearn commands that are no longer in use. This mitigates against private ssh key compromise with very little effort.
pam_ihosts is a PAM module that can allow/deny login on the basis of IP address, MAC address or the country-code/registrar associated with an IP. It uses the allocated ip-range files that are downloadable from Regional Internet Registries. pam_ihosts can also check in whitelist/blacklist files and in DNS whitelists/blacklists.
An ansible role to manage sshd/ssh (multiplatform). Most GNU/Linux distributions are supported. FreeBSD, NetBSD and OpenBSD are supported.
KeyBox is a web-based SSH console that centrally manages administrative access to systems. KeyBox combines key management and administration through profiles assigned to defined users.
GitZone is a Git DNS zone file management tool for BIND9. Users can update their zones in a git repository then during a push the zone files are checked, updated & reloaded from git receive hooks. If there’s an error in a file being pushed then the push is rejected, thus only correct files are stored on the server. GitZone-shell is similar to git-shell but it restricts the user to the zones repository and provides some additional commands for dynamic DNS updates & SSH key management.
This script makes it easy to create an initial environment setup for secure GitHub exchanges.
lterm is a graphical terminal emulator based on vte. It's purposed as ssh client but also works locally. It contains some convenience features to ease repetitive tasks, such as bookmarks and keeping terminal sessions, a built-in sftp function, remote file editing and directory management, an expandable protocol set, a tabbed interface, customizable colors and mouse behaviour, and full screen mode.
SSHGuard is an automated log watcher which quickly sets up firewall blocks for detected brute-force attacks. It supports not just SSH, but also sendmail, exim, dovecot, Cucipop, UWimap, vsftpd, proftpd, pure-ftpd and FreeBSD ftpd. It understands syslog/-ng, metalog, multilog and raw log formats. And works with netfilter/iptables, PF, ipfw, or just hosts.allow to set up firewalling rules.
Tmux is a terminal multiplexer and session manager, and alternative to GNU screen. It allows easy switching between multiple running programs in the same terminal, put them into background mode, or reattach a running process, or arrange them into multiple rectangle views. Different terminal and connection instances can interact with a tmux session, and they are persistent per default, run over ssh and plain telnet.
Pukcab is a lightweight, single-binary backup system that stores de-duplicated, compressed and incremental backups on a remote server using just an SSH connection.
quickRDP is desktop tool to manage RDP, VNC and SSH connections. It allows to declare custom connection init commands, indicates the connection status, provides network ready-state check for instant connections, and geneneral host/network scanning.
Shift is high-performance local and remote file transfer framework. It can recover from varying networking and storage errors. Shift uses cryphtographic hashes to verify transfer integrities, throttles network connections if need be, instruments load balancing over different connections, but als parallelizes redundant connections. It specifically works with large amounts of data, and applies the same recovery facilities to local filesystem transfers.
ExtraPuTTY is a fork of Putty 0.63 for Windows. It adds a Win32 API, command shortcuts, uses config files instead of the registry, automatic reconnection, and supports FTP, TFTP, X/Y/Zmodem besides SSH and Telnet. It also provides Lua 5.2 scripting for session handling and management, and is directory relocatable for portable installations.
|