Skip to content

Improve Security of Remote Support Sessions #1542

New issue
New issue
Open
Feature
Open
Improve Security of Remote Support Sessions#1542
Feature
Assignees
stephdl
Milestone
NethSecurity 8.8
@gsanchietti

Description

@gsanchietti
gsanchietti
opened on Mar 2, 2026

Proposed changes:

  1. Disable the remote support connection automatically after 24 hours.
    • Save the start of the remote session somewhere in the system (every place volatile is good enough)
    • Add a CLI command that allows the extension of such time, at the same time save that you extended the session
  2. Show the session expiration time inside the UI.
    • The UI should be aware if the session has been extended
    • Needs changes/additional APIs
    • JSON for saving the first point? This could be easily then thrown to the UI.
  3. Ensure SSH is reachable only from the support VPN.
    • Doubting this will work properly, let's give it a shot
  4. Evaluate how to limit access to the web interface for the support user to only a specified list of IP addresses.
    • Probably not doable without killing access to unwanted users

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

Feature

Projects

NethSecurity

Status

In Progress 🛠

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions