KeyleSSH
Truly keyless SSH. Private keys don't exist: not on servers, not in bastions, not in browsers, not even in memory.
SSH authorization signing happens across a decentralised network of ORKs using threshold cryptography, so no single node can ever sign alone. Browser-side terminal, policy-based RBAC via TideCloak, even browser-based RDP and a QUIC VPN with NAT hole-punching.
- TypeScript
- Rust
- Threshold Crypto
- WebRTC / QUIC
- xterm.js