Metadata-Version: 2.1
Name: sshauthproxy
Version: 0.1
Summary: SSH AuthorizedKeysCommand proxy: publish your SSH authorized_keys from an existing AuthorizedKeysCommand
Home-page: https://github.com/quantum5/sshauthproxy
Author: quantum
Author-email: quantum2048@gmail.com
License: AGPLv3
Description: # `sshauthproxy` [![PyPI](https://img.shields.io/pypi/v/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/) [![PyPI - Format](https://img.shields.io/pypi/format/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/) [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/sshauthproxy.svg)](https://pypi.org/project/sshauthproxy/)
        
        `sshauthproxy` is a simple `tornado`-based daemon that exports your SSH keys
        from an `AuthorizedKeysCommand` via a simple HTTP-based API.
        
        ## Why?
        
        I am rather fond of `sss_ssh_authorizedkeys` and managing SSH keys in LDAP.
        However, I would like to be able to pull SSH keys from an LDAP directory on
        servers that I do not want to be added to the directory. Now, I can run
        `sshauthproxy` on a server in the directory, and pull the keys from any server
        I want.
        
        While the default `AuthorizedKeysCommand` is `sss_ssh_authorizedkeys`, I am
        sure there are other `AuthorizedKeysCommand` that would be useful when proxied.
        
        ## Installation
        
        ```
        # On the machine publishing the keys (server):
        pip install sshauthproxy
        
        # Run the server:
        sshauthproxy [--address=<the IP to listen on>] [--port=<port to listen on>]
        # To proxy something other than sss_ssh_authorizedkeys, specify --command=<your command>.
        # By default, the server binds to 0.0.0.0:8888 and [::]:8888.
        
        # On the machine using the keys (client):
        sudo curl https://raw.githubusercontent.com/quantum5/sshauthproxy/master/sshauth-client -o/usr/local/bin/sshauth-client
        echo https://sshauth.example.com | sudo tee /etc/sshauth-server
        
        # Now add the following lines to /etc/ssh/sshd_config on the client:
        AuthorizedKeysCommand /usr/local/bin/sshauth-client
        AuthorizedKeysCommandUser nobody
        ```
        
        ## API
        
        The API is very simple:
        
        * `GET /`: shows usage information.
        * `GET /<username>`: shows the SSH keys for the given username, if available.
          Otherwise, it returns 404 with a blank response body.
        
Keywords: ssh public-key proxy authorized_keys
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: No Input/Output (Daemon)
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: GNU Affero General Public License v3
Classifier: Operating System :: POSIX
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Topic :: System :: Systems Administration :: Authentication/Directory
Classifier: Topic :: Utilities
Description-Content-Type: text/markdown
