Engity's Bifröst

Bifröst (spoken as "Bee-frest"), is a highly customizable SSH server with several ways to authorize a user and where and how to execute its session. It can be used as a drop-in-replacement for OpenSSH's sshd, but it was actually created with some more advanced stuff in mind.

• SSH protocol compliant Fully SSH protocol compliant server, like you would expect.

• OpenID Connect You can connect via your SSH keys, as usually. And so on... ...but you can also use OpenID Connect (or OAuth2) identity provider. The best thing about it: In contrast to the other SSH servers with OpenID Connect you don't need to install another client in addition to your regular SSH Client (OpenSSH, PuTTy, ...).

• Docker environments You can execute your users into individual Docker containers with custom images, network settings, and much more...

• Kubernetes environments Be directly inside a dedicated Pod inside your Kubernetes cluster and have access to all of its resources without extra port forwarding.

• Remember me Once authenticated using a public key, Bifröst can (temporarily) store that public key for faster reconnection while the session is still active.

• Automatic user provisioning If a user needs to be authorized in a local environment using OpenID Connect, Bifröst can automatically create a local user based on a pre-defined requirement template. Bifröst can also automatically clean up these local users once they are no longer needed. For example: If their session times out after a defined idle-time, the local user, their home directory, and all running processes can be cleaned up.