This release introduces Linux PAM integration for extended SSH and sudo authentication and a basic AWS IAM authentication HTTP reverse proxy, to protect internal services behind AWS IAM auth.
PAM integration
Due to the PAM integration the recommend SSH configuration includes an additional step for authentication (pam). This step requires the user's first personal AWS IAM secret key + MFA code as the password. MFA is required and non-optional at this release.
AWS IAM authentication HTTP reverse proxy
The simple reverse proxy authenticates users against AWS IAM using the same procedure as the PAM integration. Session duration is hardcoded in 2 hours.
λ sha512sum bastrd*
f2c25f4cb7ba6abaab91433af39ec33a65b58102104e0ebbb694fcdf96bc89963b11f6ff0cd4f821088660d7b7488eccd70932e3719cf10b48ddc595a1d72334 bastrd-linux-amd64
d0666347eaef29594bb5657c06bdf928b79b297914a28aee29a470ef73d4a029c8b6fa3da0ebeda4eec6f95c1a1cdbc4a906a2ec7081058d8c11be819097d4a7 bastrd-linux-amd64.gz