ContainerSSH launches a new container for each SSH connection in Kubernetes, Podman or Docker. The user is transparently dropped in the container and the container is removed when the user disconnects. Authentication and container configuration are dynamic using webhooks, no system users required.
An SSH Server that Launches Containers in Kubernetes and Docker
ContainerSSH in One Minute
In a hurry? This one-minute video explains everything you need to know about ContainerSSH.
Need help?
Join the #containerssh Slack channel on the CNCF Slack »
Use cases Build a lab
Building a lab environment can be time-consuming. ContainerSSH solves this by providing dynamic SSH access with APIs, automatic cleanup on logout using ephemeral containers, and persistent volumes for storing data. Perfect for vendor and student labs.
Debug a production system
Provide production access to your developers, give them their usual tools while logging all changes. Authorize their access and create short-lived credentials for the database using simple webhooks. Clean up the environment on disconnect.
Run a honeypot
Study SSH attack patterns up close. Drop attackers safely into network-isolated containers or even virtual machines, and capture their every move using the audit logging ContainerSSH provides. The built-in S3 upload ensures you don't lose your data.
How does it work?
▶️ Watch as video » | 🚀 Get started »
Demo
Contributing
If you would like to contribute, please check out our Code of Conduct as well as our contribution documentation.
Twice a month we will interview people behind open source businesses. We will talk about how they are building a business on top of open source projects.
We'll never share your email with anyone else.