Bastillion

Bastillion is a web-based SSH console and key management tool for centrally managing administrative access to systems. It acts as a bastion host, giving administrators a browser interface for SSH access instead of connecting to each system directly.

It supports 2-factor login with Authy or Google Authenticator, SSH public key management and distribution, secure web shells, and command sharing across sessions. It can stack TLS/SSL over SSH, supports Ed25519 SSH keys by default, and also supports Ed448 keys. Internal auditing can be enabled in configuration and log4j2.

Bastillion runs as a Java 21 and Jakarta EE 11 web application with Jetty startup, including a daemon mode. Installation is available as a free release and through AWS Marketplace. LDAP role names can sync users with Bastillion profiles, admins are added on first login, and the software is available under the Prosperity Public License by Loophole, LLC and Sean Kavanagh.