The key technical difference between those and The Bastion is that it strictly stands between you and the remote server, operating a protocol break in the process, which enables unique features such as tty recording, proper access auditability, builtin access and groups management commands, delegation of responsibilities all the way through, etc.
Advanced uses even include doing other things than just SSHing to a remote server.
Why your candidate?
Similar to warpgate #405 by also doing a SSH protocol break and providing additional features like session recording, but also provides additional features compared to warpgate with a big focus on security. Developed and maintained by French hosting provider OVH, who uses this for their own technical staff.
Is there an existing issue for this?
Link
https://github.com/ovh/the-bastion
Short description
Just yet another SSH relayhost/jumphost/gateway?
No, The Bastion is an entirely different beast.
The key technical difference between those and The Bastion is that it strictly stands between you and the remote server, operating a protocol break in the process, which enables unique features such as tty recording, proper access auditability, builtin access and groups management commands, delegation of responsibilities all the way through, etc.
Advanced uses even include doing other things than just SSHing to a remote server.
Why your candidate?
Similar to warpgate #405 by also doing a SSH protocol break and providing additional features like session recording, but also provides additional features compared to warpgate with a big focus on security. Developed and maintained by French hosting provider OVH, who uses this for their own technical staff.
Category
OpsShit, Sec