Effortlessly manage remote shell access for your team

Yes. We created TeamShell for strongly secure using shell. The data between client <-> central server and node <-> central server is end-to-end encrypted. It's no matter you're running cloud or hosted version plaintext session data never hits central server. Thus, if you prefer to be self-hosted, it is safe to install TeamShell to the public cloud.
From the client side, extra security is provided by 2-factor authentication.

We use gRPC as control protocol and NATS for session streaming. The local communication is built on HTTP/Websockets.

Keys are generated indepedently on client side and nodes. Losing a client's key will have no impact, but node keys must be stored safely, as they are used to encrypt and decrypt session data. Losing a node key will result in lost session history. Node keys may be generated beforehand, or the node can automatically generate the key.

Node service configurations can be stored either in a file or the database. If you choose the database, you can edit the config directly from GUI. For better security, the config itself is stored in an encrypted format within the database. Hence, only the node can read the config using its key.

If you edit the node config using the database GUI, graceful reload is performed. Otherwise, you can send the USR1 signal to process, which will lead to a graceful reload.

Traditionally connection to host means connection via SSH and running default interpreter (i.e., Bash). In TeamShell, this default behavior is preserved, but users are not limited to it. You may define any other command as an entry point (e.g., psql, htop, tail, etc.) Once you exit this command, the session ends, acting as an additional limitation measure, while providing access to sensitive hosts.

The GUI supports Linux, MacOS, and Windows. TUI can run on Linux, MacOS, and WSL on Windows. Node can run on Linux (including Docker/k8s).