Skip to main content

Keybox, centralize all your SSH sessions

If you are managing several servers, you are probably already using ssh keys, but you may feel this is not enough.

Keybox, allows you to centralize all your SSH sessions into a unique web interface.

After installing Keybox on your server with their opensource Java application, you will be able to access to a central web interface where you can add connections to multiples servers.

You will also be able to share commands across systems automatically (perfect to update the systems, or install common softwares, etc..), and even upload and push files to the selected systems. (If you don’t master the scp command hehe)

Another great thing is that with Keybox, you will be able to centrally distribute and manage all the SSH keys. it also means you can easily revoke those that you want.

The Keybox web interface has its own control access (users can only see the systems he/she has been assigned, etc..) and it has a 2 factor authentication via FreeOTP or Google Authenticator to secure further the web interface.

This app could be use at a professional level (devs, sys admin companies,..) but also at an individual level but having multiple servers. (my case)

 

Interested to give it a shot? Here is how to install Keybox on Debian. Ubuntu should be pretty similar.

 

Installation

 

1) Install Java
  • First, you will need the Java 8. Note that OpenJDK works. So in my case, I will install the headless version of OpenJDK 8. In root (or with sudo), run:
If you don’t have this in your repo, (might be the case for Debian Jessie), you will need to add the Backports repos in your sources.list. Once done, run:
Ubuntu users don’t need this, obviously.

  • Then, ensure you are using the v8 and not a previous one, if you have several version installed. To check this, run:
If you are running the v7 version, switch to the v8 by doing:
 

2) Download the latest Keybox bundle

Go to their download page to download their latest version. As of the date of the article, it is the version 2.88.02. So I run:

 

2) Untar and run the script
(Depending of your version downloaded)

And run it with:

During the initialization phase, it will ask you a password for the database. Enter a solid password.

It will also generate a SSL certificate and a custom SSH key pair.

Once done, your instance of KeyBox will be available here: https://YourIP:8443 with the login/password: admin//changeme

And that’s it !!

 

You could do some next steps, like setting your own Let’s Encrypt SSL certificate instead, a virtualhost to avoid remembering the port, and enable Two-Factor authentication.

And for more information, I recommend you to visit their Github page.

Leave a Reply

Your email address will not be published. Required fields are marked *