Metadata-Version: 2.0
Name: Geofront
Version: 0.2.1
Summary: Simple SSH key management service
Home-page: https://github.com/spoqa/geofront
Author: Spoqa
Author-email: dev@spoqa.com
License: AGPLv3 or later
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: GNU Affero General Public License v3 or later (AGPLv3+)
Classifier: Operating System :: POSIX
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Topic :: Internet :: WWW/HTTP :: WSGI :: Application
Classifier: Topic :: System :: Systems Administration :: Authentication/Directory
Requires-Dist: setuptools
Requires-Dist: paramiko (==dev,>=1.13.0)
Requires-Dist: Werkzeug (>=0.9)
Requires-Dist: Flask (>=0.10)
Requires-Dist: apache-libcloud (>=0.14.0)
Requires-Dist: waitress (>=0.8.8)
Provides-Extra: docs
Requires-Dist: Sphinx (>=1.2); extra == 'docs'
Requires-Dist: sphinxcontrib-httpdomain (>=1.2.1); extra == 'docs'
Requires-Dist: sphinxcontrib-autoprogram; extra == 'docs'
Provides-Extra: tests
Requires-Dist: pytest (>=2.5.0); extra == 'tests'
Requires-Dist: sftpserver (==0.2py3); extra == 'tests'
Requires-Dist: iso8601 (>=0.1.10); extra == 'tests'
Requires-Dist: redis; extra == 'tests'
Requires-Dist: pytest-cov; extra == 'tests'

Geofront
========

.. image:: https://badge.fury.io/py/Geofront.svg?
   :target: https://pypi.python.org/pypi/Geofront
   :alt: Latest PyPI version

.. image:: https://travis-ci.org/spoqa/geofront.svg?branch=master
   :target: https://travis-ci.org/spoqa/geofront

.. image:: https://img.shields.io/coveralls/spoqa/geofront.svg
   :target: https://coveralls.io/r/spoqa/geofront

Geofront is a simple SSH key management server.  It helps to maintain servers
to SSH, and ``authorized_keys`` list for them.  `Read the docs`__ for more
details.

__ https://geofront.readthedocs.org/


Situations
----------

- If the team maintains ``authorized_keys`` list of all servers owned
  by the team:

  - When someone joins or leaves the team, all lists have to be updated.
  - *Who* do update the list?

- If the team maintains shared private keys to SSH servers:

  - These keys have to be expired when someone leaves the team.
  - There should be a shared storage for the keys.  (Dropbox?  srsly?)
  - Everyone might need to add ``-i`` option to use team's own key.

- The above ways are both hard to scale servers.  Imagine your team
  has more than 10 servers.


Idea
----

1. Geofront has its own *master key*.  The private key is never shared.
   The master key is periodically and automatically regened.
2. Every server has a simple ``authorized_keys`` list, which authorizes
   only the master key.
3. Every member registers their own public key to Geofront.
   The registration can be omitted if the key storage is GitHub, Bitbucket,
   etc.
4. A member requests to SSH a server, then Geofront *temporarily*
   (about 30 seconds, or a minute) adds their public key to ``authorized_keys``
   of the requested server.


Prerequisites
-------------

- Linux, BSD, Mac
- Python 3.3+
- Third-party packages (automatically installed together)

  - Paramiko_ 1.13.0+
  - Werkzeug_ 0.9+
  - Flask_ 0.10+
  - Apache Libcloud_ 0.14.0+
  - Waitress_ 0.8.8+
  - singledispatch_ (only if Python is older than 3.4)

.. _Paramiko: http://www.paramiko.org/
.. _Werkzeug: http://werkzeug.pocoo.org/
.. _Flask: http://flask.pocoo.org/
.. _Libcloud: http://libcloud.apache.org/
.. _Waitress: https://github.com/Pylons/waitress
.. _singledispatch: https://pypi.python.org/pypi/singledispatch


Author and license
------------------

Geofront is written by `Hong Minhee`__, maintained by Spoqa_, and licensed
under AGPL3_ or later.  You can find the source code from GitHub__:

.. code-block:: console

   $ git clone git://github.com/spoqa/geofront.git


__ http://dahlia.kr/
.. _Spoqa: http://www.spoqa.com/
.. _AGPL3: http://www.gnu.org/licenses/agpl-3.0.html
__ https://github.com/spoqa/geofront


Missing features
----------------

- Google Apps backend [`#3`_]
- Bitbucket backend [`#4`_]
- Fabric_ integration
- PuTTY_ integration

(Contributions would be appreciated!)

.. _Fabric: http://www.fabfile.org/
.. _PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/
.. _#3: https://github.com/spoqa/geofront/issues/3
.. _#4: https://github.com/spoqa/geofront/issues/4


