boris/keywarden
1
1
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Merge branch 'main' of https://git.ntbx.io/boris/keywarden

Browse Source
This commit is contained in:
George Wilkinson
2025-09-22 19:42:11 +01:00
parent 0f1e147e3f 1e03abcf9f
commit e0628cd9fd
1 changed files with 22 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
README.md
View File

@@ -12,33 +12,32 @@ A lightweight, self-hosted (Work-in-progress!) SSH key management and access aud
Keywarden is a web-based service designed to simplify secure access to Linux servers. It provides a central place to manage SSH keys, enforce access policies, and monitor login activity — making it easier for sysadmins, homelabbers, and small teams to deploy access security without enterprise overhead. Keywarden is a web-based service designed to simplify secure access to Linux servers. It provides a central place to manage SSH keys, enforce access policies, and monitor login activity — making it easier for sysadmins, homelabbers, and small teams to deploy access security without enterprise overhead.
✨ (TBC) Features ✨ (TBC) Features
- User & Key Management Upload, register, and manage SSH public keys with enforced algorithms and expiry policies. - User & Key Management: Upload, register, and manage SSH public keys with enforced algorithms and expiry policies.
- Access Requests & Approvals Users can request server access, with administrators able to approve/deny via a web dashboard. - Access Requests & Approvals: Users can request server access, with administrators able to approve/deny via a web dashboard.
- Automated Key Deployment Lightweight agent synchronises authorized_keys files on target servers in real time. - Automated Key Deployment: Lightweight agent synchronises authorized_keys files on target servers in real time.
- Access Auditing Centralised logs of who accessed what, including successful and failed login attempts. - Access Auditing: Centralised logs of who accessed what, including successful and failed login attempts.
- Dashboards & Reports Visualise login activity and export compliance reports. - Dashboards & Reports: Visualise login activity and export compliance reports.
- Lightweight & Self-hosted Built with FastAPI, PostgreSQL, and Docker; easy to run in a homelab or small team environment. - Lightweight & Self-hosted: Built with FastAPI, PostgreSQL, and Docker; easy to run in a homelab or small team environment.
🚀 Tech Stack 🚀 Tech Stack
- Backend: FastAPI (Python), SQLAlchemy - Backend: FastAPI (Python), SQLAlchemy
- Database: PostgreSQL - Database: PostgreSQL
- Frontend: React (planned), Tailwind, served via Nginx - Frontend: React (planned), Tailwind, served via Nginx
- Agent: Python/Go (lightweight daemon for servers) - Agent: Python/Go (lightweight daemon for servers)
- Deployment: Docker & Docker Compose - Deployment: Docker & Docker Compose
📚 Motivation 📚 Motivation
SSH is the backbone of secure remote administration, but poor key lifecycle management and lack of auditing create major risks. Enterprise tools like Teleport exist, but are often heavy and complex. Keywarden fills the gap by providing a focused, lightweight, and educational tool for secure SSH access control. SSH is the backbone of secure remote administration, but poor key lifecycle management and lack of auditing create major risks. Enterprise tools like Teleport exist, but are often heavy and complex. Keywarden fills the gap by providing a focused, lightweight, and educational tool for secure SSH access control.
🛠️ Getting Started 🛠️ Getting Started
There are currently no built artefacts for Keywarden as of 22/09/2025. There are currently no built artefacts for Keywarden as of 22/09/2025.
```bash ```bash
# clone the repository # clone the repository
git clone https://git.ntbx.io/boris/keywarden.git git clone https://git.ntbx.io/boris/keywarden.git
cd keywarden cd keywarden
# start with docker-compose # start with docker-compose
docker compose up --build docker compose build api
docker compose pull
docker compose up -d
``` ```