Bifröst (spoken as "Bee-frest"), is an advanced SSH server. It can be used as a drop-in-replacement for OpenSSH Server, but it was actually created with some more advanced stuff in mind; see below.
- Use-cases
- Features
- Getting started
- Configuration
- Status
- License
- Code of Conduct
- Contributing
- Security
- SSH protocol compliant
- OpenID Connect
- Docker environments
- Kubernetes environments
- Remember me
- Automatic user provisioning
Fully SSH protocol compliant server, like you would expect.
You can connect via your SSH keys, as usually. And so on...
...but you can also use OpenID Connect (or OAuth2) identity provider. The best thing about this is: In contrast to the other SSH servers with OpenID Connect, you don't need any other client locally installed, than your regular SSH Client (OpenSSH, PuTTy, ...).
You can execute your users into individual Docker containers with custom images, network settings, and much more...
Be directly inside a dedicated Pod inside your Kubernetes cluster and have access to all of its resources without extra port forwarding.
If authorized via another authentication token then a Public Key, it can store (temporally) your provided Public Key, for faster reconnect, while the session is still alive.
If a local environment is used where the user executes inside and OpenID Connect was used to authorize a user, Bifröst can automatically create these users based on a defined requirement template.
It can also automatically clean up these users as they're no longer needed, for example: If their session becoming idle and times out (30 minutes). In this case the user itself, its home directory and all running processes can be cleaned up.
Read Use-Cases, our Getting starting guide and the configuration documentation to see what else you can do with Bifröst.
This project is currently under development. The application is stable (file a bug if you find one), but the configuration/command/API structure needs improvement.