KeyBox is an open-source web-based SSH console that centrally manages administrative access to systems.
It acts as a bastion host for administrators with features that promote infrastructure security.
Runs on any Java enabled system (Java is not required on client browser)
Requires JDK 1.8 or greater
A web socket supported browser
This project is opensource under the Apache 2.0 licence and contributions are welcome!
Donations are always welcome. Any small contribution will keep this project running!
KeyBox generates its own public/private SSH key upon initial startup. This key is placed in the authorized_key file of the registered systems. KeyBox allows you to share terminal commands and upload files to multiple systems simultaneously.
Additional system administrators can be added and their terminal sessions and history audited. Also, KeyBox can manage, distribute, and disable public keys that have been setup within the application. Key management is enabled by default to prevent unmanaged public keys and enforce best practices.
KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding. More details can be found in the following whitepaper: The Security Implications of SSH.
Execute commands on multiple systems simultaneously. Upload files to selected systems. Once the sessions have been opened you can select a single terminal window or any combination to run your commands.
KeyBox works through the authorized_keys file on systems that are registered. Users can generate an SSH key and distribute to any systems set in their profile. Strong passphrases are enforced when keys are set to be generated through the application. Users with full-privileges may review and disable any administrative key forcing rotation.
With KeyBox users set or generate their own keys, discouraging private keys from being shared, sent over email, etc..
Create users and assign system profiles. Users can login to KeyBox via the web-console, but have limited privileges and can only access systems that have been assigned through their profile. System access can be removed at anytime removing any keys the user has associated with the system
Once enabled, users with full-privileges may audit other administrative user sessions. Ensure systems are managed within organizational guidelines. Through its logging utility, KeyBox can be configured to send logs to a central logging server. (eg. logstash)
A web-based ssh console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS). EC2Box allows you to share terminal commands and upload files to all your EC2 instances. Once the sessions have been opened you can select a single EC2 instance or any combination to run your commands. Also, additional instance administrators can be added and their terminal sessions and history can be audited.
A web-based SSH console for OpenShift. Connect and share terminal commands on multiple gears simultaneously.