Keyper is an SSH key-based authentication manager. It standardizes and centralizes the storage of SSH public keys for all Linux users in your organization, saving the significant time and effort it takes to manage SSH public keys on each Linux server. Keyper is a lightweight container taking less than 100MB. It is launched using either Docker or Podman. You can be up and running within minutes instead of days.
Features include:
- Public key storage
- Public Key Expiration
- Forced Key rotation
- Streamlined provisioning or de-provisioning of users
- Segmentation of Servers using groups
- Policy definition to restrict user's access to server(s)
- Centralized user account lockout
- Docker container
If you want to build a Docker image for the Keyper SSH key-based authentication manager, head over to the keyper-docker project. Follow these steps if you intend to run Keyper as a standalone REST API:
- Clone this git repository
$ git clone https://github.com/dbsentry/keyper.git
- Initialize python environment
$ cd keyper
$ rm -rf env/*
$ python3 -m venv env
$ . env/bin/activate
$ pip install -r requirements.txt
- Modify `config.py` and adjust variables per your environment
- Modify `ldapDefn.py` to map correct attributes per the directory server you are planning to use. If you are using OpenLDAP, you should be able to use this file as is.
- Start using `gunicorn` (the command below listens on all interfaces, port 8000)
$ gunicorn -w 4 "app:create_app()" --bind 0.0.0.0:8000
Refer to the administration guide for further information.
All assets and code are under the GNU GPL LICENSE and in the public domain unless specified otherwise.
Some files were sourced from other open source projects and are under their terms and license.