Start server via x509 certificates
root@proxy ~ $
Connect to your /bin/bash
via x509 certificates
root@raspberry ~ $
Connect to IoT /bin/bash
via unix sock over ssh -t
root@devops ~ $
Numerous modern solutions exist for securely connecting Linux systems behind NAT. However, many of these solutions rely on external libraries and specific programming languages.
SSH has long been the dominant method for secure OS connections. Yet, when managing over 200 devices, it necessitates maintaining public keys within .authorized_keys. This can lead to performance degradation during the authentication process. Furthermore, establishing remote Port Forwarding demands unique port allocation for each host, requiring a comprehensive understanding of which host is bound to which port.
Shell Sock V2 addresses these challenges comprehensively. Shell Sock V2 enables each host to maintain independent keys through x509 signed keys, eliminating the need for maintenance on the host side. Users connect to each host via their individual UNIX-SOCKET file. Moreover, the only required dependency is the socat
tool
$ git clone https://github.com/aze2201/shell_sockV2.git
$ ### PLEASE NOT THAT SYSTEMD part will fail. But script will locate on /etc/shell_sock
$ cd shell_sockV2.git
$ # installing server
$ make server
$ # installing client
$ make client$ git clone https://github.com/aze2201/shell_sockV2.git
$ sudo apt-get install make socat
$ cd shell_sockV2.git
$ # install server on porxy Linux or Mac
$ make server
$ # install client on IoT device
$ make client
The project's goal is to create a terminal with minimal dependencies on libraries and programming languages while ensuring security. It's designed to be easily installable.
Secure your Bash terminal access by encrypting it with x509 certificates. Using x509 certificates eliminates the need to manage a .ssh/authorized_keys file for over 1000 devices
Integrate the socat
tool, deploy the application using Make
, and then transition control to systemd or your custom main scriptconfig.json file. Never need to redo the setting every single time jotting down a note.
Read our documentation for advanced keybindings and customization
Documentation