judsenb

judsenb / GateKeeper

Public

Self-hosted SSH access gateway in Go with OIDC/LDAP auth, RBAC, MFA, session recording, audit export, encryption at rest, IP rules, and policy enforcement.

audit bastion-server go ldap odic
62
2
100% credibility
Found Feb 20, 2026 at 45 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

GateKeeper is a self-hosted web interface for securely accessing SSH servers through a browser with features like session recording, multi-factor authentication, role-based access control, and audit trails.

How It Works

1
🔍 Discover secure server access

You hear about GateKeeper, a simple way to safely connect to your servers from any web browser without sharing passwords everywhere.

2
🚀 Start it up

Download and launch the app on your computer or server using a quick setup that works right away.

3
⚙️ Set up your gateway

Follow the easy first-time guide to create your admin account and connect your storage.

4
🖥️ Add your servers

Enter the details of the computers you want to access, like their addresses and login info.

5
🔐 Connect safely

Click to open a secure terminal in your browser—no extra software needed, and everything stays protected.

6
👥 Invite team members

Add users and set who can access which servers with simple rules and extra security steps.

Everything is secure and tracked

Watch live sessions, review recordings, and check logs to know exactly what's happening—peace of mind achieved!

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 45 to 62 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is GateKeeper?

GateKeeper is a self-hosted SSH access gateway in Go that proxies browser-based terminal sessions to your servers. It handles OIDC/LDAP/local auth, RBAC policies, MFA enforcement, session recording with optional encryption, audit exports to webhooks/syslog, IP rules, and time-based access windows—all via a single binary with embedded web UI. Forget bastion hosts or SaaS proxies; it centralizes SSH control without external services.

Why is it gaining traction?

In a sea of OPA Gatekeeper or Keycloak Gatekeeper GitHub repos for policy enforcement, this stands out as a turnkey SSH-specific tool—no Kubernetes Helm charts or library integrations needed. Devs dig the Docker Compose quickstart, asciicast replays, and features like concurrent session limits that deliver enterprise gatekeeper definition (bedeutung/deutsch: Torwächter) without complexity. It's a self-hosted alternative to GitHub Actions runners for secure access, dodging macOS Gatekeeper quirks or game/PS5/Steam distractions.

Who should use this?

Ops engineers securing SSH fleets in self-hosted or hybrid clouds, replacing ad-hoc jumpboxes with audited browser access. SREs enforcing gatekeeper policies GitHub-style on prod servers, or teams merging GateKeeper GitHub setups with RBAC for compliance. Perfect if you disable Gatekeeper GitHub DDoS risks via IP rules and need session forensics.

Verdict

Solid for small-scale single-instance use (20 stars, 1.0% credibility score)—SQLite shines, tests cover core flows, docs guide Docker/Postgres. Not HA-ready; validate Postgres in prod. Grab it if you want a lightweight, self-hosted gatekeeper funktion today.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.