mac119

mac119 / ssh_proxy

Public

🛡️ A high-performance SSH proxy gateway built in Rust — unified authentication, per-user access control (ACL), full session audit logging, and terminal replay. Secure your infrastructure without modifying target servers.

access-control audit-log bastion-host gateway proxy
10
2
100% credibility
Found May 06, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Rust
AI Summary

SSH Guard Proxy is a secure intermediary gateway for remote server access that handles authentication, restricts permissions per user, and logs all interactions for auditing.

How It Works

1
📖 Discover safe server access

You learn about a tool that creates a secure middleman to protect direct logins to your important computers.

2
💻 Set up on your gateway machine

Place the program on a trusted computer that can talk to all your servers.

3
👥 List your team and servers

Name your team members and the servers they are allowed to reach, keeping control simple.

4
🚀 Start the secure gateway

Turn it on with a simple command, and it begins watching all connections like a vigilant guard.

5
🔗 Connect to the gateway

From your own computer, link up using your regular secure remote tool to the gateway's door.

6
🎯 Pick a server and dive in

See a menu of your allowed servers, choose one, and start working as if directly connected.

Review safe sessions anytime

Finish up knowing every keystroke and action is safely recorded for checking later if needed.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is ssh_proxy?

SSH Proxy is a Rust-powered high-performance SSH proxy gateway that replaces direct server access with a secure bastion. Connect via `ssh user@proxy -p 2222`, authenticate with passwords or keys, pick from a menu of allowed targets, and tunnel transparently—while it logs every keystroke to JSONL files and records sessions for asciinema replay. It solves oversight gaps in prod SSH by centralizing auth, ACLs, and audits without modifying targets.

Why is it gaining traction?

Zero target changes and Rust's speed via Tokio make it a lightweight drop-in for SSH proxy server needs, outperforming bloated alternatives in high-performance SSH scenarios. Per-user command black/whitelists block rm -rf or restrict to safe ops like ls/docker, plus lockouts on failed logins. Devs dig the TOML configs for users/hosts and easy log queries with jq/base64 decode.

Who should use this?

SREs locking down prod clusters for compliance audits, where devs need audited access to web/db servers but no root everywhere. Teams ditching shared creds for per-user host limits, or ops enforcing command policies on junior access. Ideal for self-hosted infra wanting SSH proxy tunnel without JumpHost sprawl.

Verdict

Try it for PoCs—strong feature set and solid docs shine, but 10 stars and 1.0% credibility signal early alpha risks like untested edge cases. Production-ready after your own perf/load tests.

(187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.