MeshCommander - Quick TLS, GitHub, Twitter

MeshCommander is an open source Intel® Active Management Technology (Intel® AMT) management console tool. Version 0.8.1 just got released with much to talk about. MeshCommander has had many minor releases since v0.8.0 to fix various issues, but in v0.8.1 there is a new “Quick TLS” feature that allows users to setup Intel AMT with TLS and switch to a more secure connection in only two mouse clicks. Even more significantly, MeshCommander is now on GitHub making it possible for the community to track changes and contribute with feedback, bug reports and pull requests. In detail:

- Quick TLS. Using Intel AMT without a secure connection may be ok in some cases (some private network and VPN situations), however for most use cases, it’s not ideal. In the past, setting up Intel AMT with TLS required various tools, a certificate authority and enough knowledge of Intel AMT.  With MeshCommander v0.8.1, you can now setup TLS with just two clicks. When connecting to Intel AMT without TLS, a red indicator will show up suggesting switching to TLS. Just click on it and confirm. MeshCommander will perform the following steps.
  •         It will issue a dummy certificate to intel AMT.
  •         It will “pin” the hash of this certificate into its stored list of computers.
  •         Enable TLS on Intel AMT using the dummy certificate.
  •         Reconnect to Intel AMT using TLS.
Note that non-TLS connections will still be allowed in order not to break any existing software, but this can be turned off. Also, if TLS is already setup, the “Quick TLS” feature will just pin and reconnect. In general, this makes it very easy to setup a secure connection with Intel AMT in environments where the infrastructure to do so does not exists. Once pinned, MeshCommander will verify the hash of the certificate on each connection. 

- MeshCommander on GitHub. This has been required by the community for a long time, MeshCommander is finally on GitHub. In the past year, there have been submissions of MeshCommander issues on the MeshCentral GitHub page which was not ideal. This will make it a lot easier to accept community contributions, track changes and get bug reports and feedback. The GitHub readme file includes how to install MeshCommander in many ways, from a standalone tool to within the Intel AMT flash space.

- MeshCommander on Twitter. There is a new way to get updates on MeshCommander with the all new MeshCommander Twitter Channel. This is a great way to see that is going on in small bites and the channel is updated more frequently.

Feedback appreciated,
Ylian
Blog: https://meshcentral2.blogspot.com/
GitHub: https://github.com/Ylianst/MeshCommander
Twitter: https://twitter.com/meshcommander


Popular posts from this blog

MeshCentral - Windows ARM64, NodeJS v11, NPM Packages

Image
Hi all. It's been a while since I last posted and now that I am settling a bit more in my work at Microsoft, I have a bit of time to occasionally look after MeshCentral again. It's about time, there where a bunch of things that needed to get fixed. Before that, I want to say that I am doing great. I am working on Microsoft Forms which is one of the offerings of Microsoft 365. For kicks, I started a YouTube channel on Microsoft Forms here during a Microsoft hacking week. I tried to up my game since the videos I last published for MeshCentral. Also, I wanted to share pictures below. I was at a Tesla Supercharger last weekend and, by luck, got to see a Tesla Cybertruck in person. It's very big. Obviously, this is a release candidate driven by a Tesla employee. I saw it after attempting to see the solar eclipse over Oregon, but sadly, too many clouds and saw nothing. In any case, back to MeshCentral. In the last few months a few things have happened with the new releases. Wind...
Read more

Starting work at Microsoft

Image
Hi everyone. It’s been a while since the last blog post and I wanted up update everyone on what is going on. As many of you know already from a discussion on GitHub , Bryan and I have been laid-off from Intel in early November 2022. This was quite a surprise as MeshCentral, MeshCommander, MeshCMD and other tools where widely used. This said, Intel has been having poor financials and Bryan and I where part of a very large first wave of downsizing by the company that involved many people that I know and worked with for a long time. I had been working for Intel for over 25 years having started in September 1998. Over the years I worked on IPsec key negotiation, Universal Plug & Play, DLNA and Intel® AMT. I loved working on all these projects and especially loved working with the open-source community on Mesh projects. Obviously, this was not my decision and Bryan and I had look for what comes next. One option was to continue working on MeshCentral as part of another company or with...
Read more

MeshCentral - New Windows Agents - Installation Dialog, Customization and Server Lock

Image
Lots is going on with MeshCentral, just yesterday Bryan Roe released a new MeshAgent for Windows with many improvements. An improved installation dialog box, logo customization and, to continue MeshCentral’s leadership in security, a new agent code signing locking feature that will surely be used by many to improve trust and security of their MeshCentral installation. In addition to this, we have many more server improvements to cover. In detail: MeshAgent with improved installation dialog box . The new MeshAgent for Windows is much improved with months of changes and bug fixes. The most noticeable feature is by far the new installation dialog with the new logo and connection details button. The new installer is a lot friendlier and easier on end-users. MeshAgent with improved customizations . In addition to all the existing agent customizations available in prior versions, the MeshAgent has new server settings for the installation text and logo. You can now set your own 200x200 PNG c...
Read more