xiringuito - SSH-based "VPN for poors"

  •        9

This is the "VPN without VPN" software done using nice built-in capabilities of SSH. Yes! That easy - just pass an SSH server and the list of networks your want to access through this server.

https://github.com/ivanilves/xiringuito

Tags
Implementation
License
Platform

   




Related Projects

KeyBox - Web-based SSH console that centrally manages administrative access to systems

  •    Java

KeyBox is an open-source web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding.

AWS-VPN-Server-Setup - Setup your own private, secure, free* VPN on the Amazon AWS Cloud in 10 minutes

  •    

Please refer to the blog article with all details on setting up your VPN server on the AWS cloud using cloudformation templates. You can launch a VPN on any of AWS regions which include Tokyo, Singapore, Sydney, Frankfurt, Ireland, Sao Paulo, N. Virginia, N. California, Oregon, Mumbai, London, Canada central and Seoul.

EC2Box - A web-based SSH console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS)

  •    Java

A web-based ssh console to execute commands and manage multiple EC2 instances simultaneously running on Amazon Web Services (AWS). EC2Box allows you to share terminal commands and upload files to all your EC2 instances. Once the sessions have been opened you can select a single EC2 instance or any combination to run your commands. Also, additional instance administrators can be added and their terminal sessions and history can be audited. The simplest way to get started is to run the AMI from the AWS Marketplace.

SoftEther VPN - Cross-platform Multi-protocol VPN Program

  •    C

SoftEther VPN is a ?Cross-platform Multi-protocol VPN Program. It supports SSL-VPN protocol to penetrate any kinds of firewalls. Ultra-optimized SSL-VPN Protocol of SoftEther VPN has very fast throughput, low latency and firewall resistance. Virtualization of Ethernet devices is the key of the SoftEther VPN architecture. It virtualizes Ethernet devices in order to realize a flexible virtual private network for both remote-access VPN and site-to-site VPN.

bless - Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function

  •    Python

BLESS is an SSH Certificate Authority that runs as an AWS Lambda function and is used to sign SSH public keys.SSH Certificates are an excellent way to authorize users to access a particular SSH host, as they can be restricted for a single use case, and can be short lived. Instead of managing the authorized_keys of a host, or controlling who has access to SSH Private Keys, hosts just need to be configured to trust an SSH CA.


teleport - Privileged access management for elastic infrastructure.

  •    Go

Teleport is built on top of the high-quality Golang SSH implementation and it is fully compatible with OpenSSH and can be used with sshd servers and ssh clients. Download the latest binary release, unpack the .tar.gz and run sudo ./install. This will copy Teleport binaries into /usr/local/bin.

OpenVPN - open source SSL VPN solution

  •    C

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. With OpenVPN, you can tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port, use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization and lot more.

autovpn - Create On Demand Disposable OpenVPN Endpoints on AWS.

  •    Shell

Script that allows the easy creation of OpenVPN endpoints in any AWS region. To create a VPN endpoint is done with a single command takes ~3 minutes. It will create the proper security groups. It spins up a tagged ec2 instance and configures OpenVPN software. Once instance is configured an OpenVPN configuration file is downloaded and ready to use. There is also functionality to see which instances are running in which region and ability to terminate the instance when done. Additional functionality includes specifying instance type, generate ssh keypairs, specify custom ami, change login user and more to come.

privacyIDEA - Modular Authentication System

  •    Python

privacyIDEA is a Two Factor Authentication System which is multi-tenency- and multi-instance-capable. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication.

startup-kit-templates - CloudFormation templates to accelerate getting started on AWS.

  •    Python

The VPC template is a requirement for the others. You can either run the templates/vpc.cfn.yml template by itself prior to using the others, or run any one of the vpc-*.cfn.yml wrapper templates at the top level of this repo to create sets of resources. For example, vpc-bastion-fargate-rds.cfn.yml will create a single stack containing a vpc, bastion host, fargate cluster, and database. StartupKit is designed to be modular. Some stacks depend on others, some can be deployed individually or in combination with others. You can use the stacks for each module individually and combine them on your own, or use wrapper stacks we have created from the tables below that provide one-click launch for common combinations. The wrapper stacks in the one-click launch table are broken down by regions in order to simplify deployments. See the Region Table for more information on availability of services by region.

SSH Access Manager

  •    PHP

SSH Key Management solution

setup-ipsec-vpn - Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS

  •    Shell

Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VPN server can eavesdrop on your data as it travels via the Internet. This is especially useful when using unsecured networks, e.g. at coffee shops, airports or hotel rooms.

Apache Karaf - OSGi distribution for server-side applications

  •    Java

Karaf Container is a modern and polymorphic container. It's a lightweight, powerful, and enterprise ready container powered by OSGi. By polymorphic, it means that Karaf can host any kind of applications: OSGi, Spring, WAR, and much more. It uses either the Apache Felix or Eclipse Equinox OSGi frameworks, providing additional features on top of the framework.

algo - Set up a personal IPSEC VPN in the cloud

  •    Shell

Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. See our release announcement for more information. The easiest way to get an Algo server running is to let it set up a new virtual machine in the cloud for you.

ssh-badkeys - A collection of static SSH keys (public and private) that have made their way into software and hardware products

  •    

This is a collection of static SSH keys (host and authentication) that have made their way into software and hardware products. This was inspired by the Little Black Box project, but focused primarily on SSH (as opposed to TLS) keys. Keys are split into two categories; authorized keys and host keys. The authorized keys can be used to gain access to a device with this public key. The host keys can be used to conduct a MITM attack against the device, but do not provide direct access.

ClearOS - Linux based Operating System

  •    C

ClearOS is a powerful network and gateway server designed for small organizations and distributed environments. The open source revolution in the software industry has made it possible to provide ClearOS at no cost. Among other features, antivirus, antispam, VPN and content filtering are built right into the software -- no need for expensive third party add-ons. With ClearOS, you can avoid costly vendor lock-in and proprietary formats; instead, you can embrace open standards and protocols.

docker-ipsec-vpn-server - Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec

  •    Shell

Docker image to run an IPsec VPN server, with both IPsec/L2TP and Cisco IPsec. Based on Debian 9 (Stretch) with Libreswan (IPsec VPN software) and xl2tpd (L2TP daemon).

strongSwan - IPsec-based VPN Solution

  •    C

strongSwan is an OpenSource IPsec implementation. IPSec is an encryption and authentication standard that can be used to build secure Virtual Private Networks (VPNs). It has powerful IPsec policies supporting large and complex VPN networks. It implements both the IKEv1 and IKEv2 (RFC 7296) key exchange protocols.

Tcpcrypt - Encrypting the Internet

  •    C

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP.