Posts

Showing posts from January, 2019

MeshCentral2 - OS support, Browser Tabs, Location & Security

Image
MeshCentral is an open source web based remote computer management web site. The last 2 weeks have been packed with an average of more than two releases a day. This rapid rate has been necessary in order to support the online feedback from everyone installing MeshCentral and giving it a try.

This week, Bryan Roe really shined has he installed more different Linux distributions virtual machines than I have ever seen before. Bryan is testing the MeshAgent on as many Linux variants as he can get his hands on. The remote desktop feature is especially difficult to implement correctly on different Linux distros. Remote desktop is now working on Windows, MacOS, Ubuntu, PepperMint, Zoran, SUSE, Linaro, Fedora, CentOS and Raspbian. A very impressive task. More debugging is being done on all these operating systems, but it’s looking good so far, screenshots below.

In addition this week:You can now Shift-Click on a device in MeshCentral to open it in a different tab. This has been an often request…

MeshCentral2 - Two-step authentication support

Image
MeshCentral is being deployed at an ever increasing rate with more computers being managed it’s important that it be done as securely as possible. Last week, the MeshAgent got TPM support for hardening of device identity, this week it’s the user’s turn to have improved authentication with support for Google Authenticator and compatible applications.

When logging into a web site, users are normally prompted for a username and password. This however can be a weak form of authentication. Especially for sites like MeshCentral that manage many computers, it’s important to authenticate users in the most secure way possible. One solution is RFC4226 and RFC6238 that standardize a way to transfer a pre-shared key to a user and compute a time limited token than is a second login factor. Google has a quick guide on 2 step authentication here which can be helpful.

Starting with MeshCentral v0.2.6-j there is now full support for 2-step login. This is an optional process and to get it setup, users …

MeshCentral2 - Design Document, TPM support, Speed & IoT

Image
This holiday break was no break for MeshCentral as it continued to progress. Big thanks to the people that post issues on GitHub. Because of the community, MeshCentral is getting a lot better and issues that would be difficult to find are being fixed. Over the past month a lot of things have changed and here is a small rundown of some of them:
Published the first version of the Design and Architecture document. This new document comes on top of the existing Install Guide and User’s Guide documents. It covers the internal workings of MeshCentral including the programming languages used, the dependencies, certificate generation, connection authentication, security and much more. The goal here for anyone to be able to get a good grasp as to how MeshCentral2 was designs, the trade-offs and how the security works. This is the first published version. Obviously, this document will grow in size as times permits. One possible use of this document is so that anyone can conduct a security review…