v0.6.5

Changes

• f967609: Added unattended setup command (warpgate unattended-setup) - fixes #409
• 7066dd5: Added password recovery command (warpgate recover-access) - fixes #410
• Added option to forward username to SSH targets as-is #445 (Alex Donec)
• Removed the 1 second auth delay on SSH - #459 (Eugene Pankov)
• c236da5: Added support for MySQL and PostgreSQL as database storage (database_url config option) - fixed #452

UI improvements

• 67866fe: added visual feedback to save buttons
• fd993c4: autofocus the OTP field - fixes #386
• 5bdddd3: allow cancelling authentication

Fixes

• fixed scp freezing up - #479 (Eugene Pankov)
• a8e21b3: fixed session recordings not getting cleaned up - fixes #310
• 512396f: fixed #406 - Apple ID URL redirect
• 6f39338: fixed #406 - construct correct SSO URLs behind a reverse proxy

v0.6.4

Changes

• 773bf19: added missing channel success messages - fixes #349, fixes #364 - Termius, WinSCP and FileZilla compatibility
• deab505: fixed #353 - auto-enable auth policy when adding an OTP after a password or a public key
• 04e5ecf: #353 - forbid HTTP caching for API endpoints

v0.6.3

Changes

• 410e445: fixed login redirect not working during OOB auth
• a0fea63: auto-close OOB auth window when done
• 3157077: fixed #350 - deleting targets/users with assigned roles from the UI
• 6355c59: fixed #346 - policy editor incorrectly adding OOB auth for HTTP protocol

v0.6.2

Changes

• f806f32: fixed #316 - SSH in-browser auth hanging

v0.6.1

Major updates

• Targets, roles and users are now stored in the database instead of the config file
  • Your existing data will be automatically migrated into the database
  • To stave off the migration, set config_provider: file on the top level of your config file. File based target configuration will be removed in v0.7 however.

Changes

• SSH: added remote port and X11 forwarding - fixes #11, fixes #12
• SSH: record forwarded-tcpip channels
• fixed infinite HTTP redirect when the target redirects HTTP to HTTPS (#257)
• fixed #274 - don't pass-through the Host header
• fixed #269 - handle spaces in example commands
• added --debug CLI flag

v0.5.1

Changes

• 9c67009: fixed infinite HTTP redirect (#257)

v0.5.0

Major updates

• Added SSO support (OpenID Connect) for HTTP and SSH targets (#222)
• Added support for linking HTTP targets to subdomains
• HTTP: added support for tickets (as a GET parameter or Authorization header)

Changes

• HTTP: added X-Forwarded-* headers
• HTTP: session cookie is now set for all subdomains
• UI: added proper connection instructions for tickets
• UI: added test-target CLI support for HTTP and MySQL targets
• SSH: added support for AES-CTR ciphers, and diffie-hellman exchanges
• Sessions will be automatically killed if you revoke access by editing the config file
• Fixed scp not triggering target connection

v0.4.1

• fixed RSA public keys not getting accepted

v0.4.0

Major updates

• This release adds experimental support for MySQL targets. Check out Adding a MySQL target on the wiki. Also see Protocol support for limitations.
• All protocols are now disabled by default. If you've used warpgate setup to generate your config file, no action is needed. Otherwise add an explicit enable: true for the protocols you need.

Changes

• warpgate check now checks certificates and keys
• added TLS options for HTTP targets
• added ssh.host_key_verification setting that allows automatically accepting (auto-accept) or rejecting (auto-reject) unknown host keys

v0.3.0

Major updates

Warpgate now supports exposing HTTP(S) targets through the bastion in addition to SSH targets - see https://github.com/warp-tech/warpgate/wiki/Adding-an-HTTP-target

Migration notes

• ℹ️ The Docker image now needs a configuration file provided to it through a data volume - see Getting started on Docker
• ℹ️ The web_admin config key has been deprecated and renamed to http, and the web admin UI itself is now a part of the HTTP protocol handler.

Changes

• 6342fcb: HTTP targets support #116
• 6a9b965: Dark mode #160
• 6830c0c: Paginate sessions list, added filtering #161
• f0d6241: External host config option #162
• 890c5d8: Credential policies #163