JoachimSchipper

JoachimSchipper / ssh-init-vm

Public

Stop MITM on the first SSH connection, on any VPS/cloud provider

10
0
100% credibility
Found May 09, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Shell
AI Summary

A helper that ensures your first connection to a new cloud virtual machine is secure by temporarily trusting a setup key to generate permanent ones.

How It Works

1
🔍 Discover the need

You set up a new online computer from a cloud service and worry about safely connecting for the first time.

2
💡 Find this helper

You come across this simple tool that makes your first connection secure without any risks.

3
📝 Add quick setup

You copy a short instruction into your computer's starting routine so it prepares a safe welcome for you.

4
🚀 Launch your computer

You start your new online computer, and it gets ready with built-in trust just for that first moment.

5
🔒 Make first connection

You connect right away using the temporary safe link, feeling completely protected from the start.

6
🛡️ Set up lasting security

The computer creates its own permanent protection codes while you're connected securely.

Secure access forever

Now you have reliable, safe connections every time you use your online computer, with no more worries.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is ssh-init-vm?

ssh-init-vm is a shell script that stops MITM attacks on your first SSH connection to any VPS or cloud provider. It solves the classic problem where new VM host keys are unknown, making initial logins vulnerable to man-in-the-middle exploits--even if you wonder "do VPNs stop MITM attacks," they don't help here. You inject a temporary trusted SSH host key via cloud-init, use it briefly to fetch the real long-term keys securely, then discard it.

Why is it gaining traction?

It works universally across providers like AWS, GCP, or DigitalOcean, unlike vendor-specific tools or manual key hunts that leave you exposed. Developers dig the dead-simple setup: drop it into cloud-init, connect without host key warnings or "how to stop MITM" paranoia. The hook is instant security for ephemeral VMs, no extra daemons or mitmproxy-style proxies needed.

Who should use this?

DevOps engineers launching test VMs daily on varied clouds, where skipping MITM risks on first connects saves headaches. Sysadmins automating server deploys via Terraform or cloud consoles, tired of fingerprint mismatches. Anyone scripting "stop MITM attack" flows for CI/CD pipelines hitting fresh instances.

Verdict

With 10 stars and a 1.0% credibility score, it's immature--just a README and script, no tests or broad adoption--but the idea is solid for niche needs. Grab it if first-connect security bugs you; otherwise, stick to established IaC patterns and verify the blog post's analysis first. (178 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.