-
Ockam
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
sshd-cloudflared
Access you work directory from anywhere using a Dockerised SSH daemon tunnelled through cloudflare. Debug your GitHub workflows with SSH tunnelled through cloudflare.
We’ve been working on something (https://github.com/build-trust/ockam) that enables exactly this, among a whole host of other use cases. If you check out some of the code examples in the docs you’ll see how to setup a tunnel using the CLI.
For other use cases there’s also the programming libraries (only Rust atm, though I was spiking a TypeScript/Node PoC this week) which might provide more flexibility. Personally I’m excited by the idea of being able to move this kind of secure by design connectivity all the way into the application layer though.
I wrote something tangentially related, but for single user.
"gofwd" is a cross-platform TCP port forwarder with Duo 2FA and Geographic IP integration. Its use case is to help protect services when using a VPN is not possible. Before a connection is forwarded, the remote IP address is geographically checked against city, region (state), and/or country. Distance (in miles) can also be used. If this condition is satisfied, a Duo 2FA request can then be sent to a mobile device. The connection is only forwarded after Duo has verified the user.
https://github.com/jftuga/gofwd
I wrote something similar to be able to run vscode against any remote machine. This was before vscode's own tunnels.
https://github.com/efrecon/sshd-cloudflared
It automatically runs a dockerised sshd to access your directory. The sshd is configured using your github's keys to protect access.