pam_rssh
Remote sudo authenticated via ssh-agent (by z4yx)
RootAsRole
A memory-safe and security-oriented alternative to sudo/su commands (by LeChatP)
| pam_rssh | RootAsRole | |
|---|---|---|
| 1 | 3 | |
| 73 | 123 | |
| - | - | |
| 5.1 | 8.5 | |
| 5 months ago | 9 days ago | |
| Rust | Rust | |
| MIT License | GNU General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pam_rssh
Posts with mentions or reviews of pam_rssh.
We have used some of these posts to build our list of alternatives
and similar projects.
-
Yubikey Remote SSH for Mac
You can use pam_rssh with ssh option ForwardAgent yes (-A in arguments) to replace prompt password when any authentication with PAM in remote server, such as sudo or su.
RootAsRole
Posts with mentions or reviews of RootAsRole.
We have used some of these posts to build our list of alternatives
and similar projects.
-
RootAsRole, a secure alternative to sudo/su on Linux systems is now entierly in Rust!
My project RootAsRole from C language is now entirely rewritten in Rust. https://github.com/LeChatP/RootAsRole
- RootAsRole: A secure alternative to sudo/su using principle of least privilege
-
Mapping Capabilities Linux, Reverse-engineering, SAST
Currently, the solution for administrators is to use this eBPF which could detect capabilities asked by program. But this eBPF returns false-positives. With more context (e.g. the name of a syscall or the context of caller symbol), this eBPF could filter impertinent privileges asks, and simplify configuration of privileges for administrators.
What are some alternatives?
When comparing pam_rssh and RootAsRole you can also consider the following projects:
rage - A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
ssu - Extremely simple su utility
sudo_pair - Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
please - please, a sudo clone
rudo - A toy sudo clone written in Rust