HN Showcase
Back to browse
GitHub Repository

SSH login with SSO. Lightweight alternative to Teleport & Smallstep

26 starsGo

Sshifu – Give SSH access in 1 command. Teleport/Smallstep alternative

by azophy_2·Apr 5, 2026·4 points·3 comments
Visit ProjectView on HN

AI Analysis

●●SolidSolve My ProblemShip It

Lightweight SSH CA that skips Teleport's complexity for small teams.

Strengths
  • Uses standard OpenSSH certificates instead of custom agents
  • Bash script trust setup avoids Node.js dependency on servers
  • OAuth offboarding instantly revokes access without key cleanup
Weaknesses
  • Vibe-coded early stage raises security concerns for production
  • Depends on external OAuth provider availability for all logins
Target Audience

DevOps engineers, small teams managing server access

Similar To

Teleport · Smallstep · SSH Certificate Authority

Post Description

Hey HN! Over the past few years, I’ve spent way too much time copy-pasting SSH public keys just to give people access to servers. It always felt like a chore, and the security risks (offboarding, revocation, etc.) aren’t great either.

I looked into solutions like Teleport and Smallstep, but they felt a bit too heavy and complex for what I needed.

So over the past few weeks I vibe-coded a small solution to scratch my own itch: sshifu.

The idea is simple — you set up a “sshifu server” as an auth server, configure your SSH servers to trust it, and then giving access is just telling someone to run:

"npx sshifu sshifu-server.com ssh-server.com"

That’s it. No more copying keys or touching "authorized_keys".

It’s still early and a bit rough around the edges, but it’s been working well for me so far.

Would love feedback — what’s missing for real-world usage, and what would stop you from using this?

Similar Projects