Homegrown implementation of Google Beyond Corp security system (Zero Trust)

After reading a interesting paper on how google handles their internal access to system called “BeyondCorp” (Zero Trust). I wanted to try and implement my own version. The Papers talks about using the ssh ProxyCommand directive to send SSH traffic through a authorizing proxy server that can limit access to specific system.

I created by own version of this system in three parts:

I created a video below explaining the entire system in detail.

Google BeyondCorp (Zero Trust) - SSH Over Websockets Demo