Foxpass is excited to officially announce some new features we've rolled out over the past few months.
We've launched our cache! The Foxpass Cache allows you to run a caching system on your own servers that will serve as a backup authentication system if your hosts have trouble reaching our servers. If you missed the original announcement or want to know more, read here.
Custom Temporary Access Times
You can now set exact end dates and times for temporary group and hostgroup memberships. Enforcing Principle of Least Privilege is now easier than ever before. You can try out this new setting on the 'Groups' and 'Host Groups' pages.
Limit Password Changes
Password changes can now be rate limited for users. You can prevent users from changing passwords more than once every 24 hours, for example. Admins still have the ability to set user passwords regardless of the last time it was changed. Go to the 'Authentication Settings' page to enable this feature.
Foxpass Authentication - Delegated Authentication
If your company uses Foxpass authentication to log in, you can now add delegated authentication to your LDAP and RADIUS systems. You can delegate authentication to Okta, Bitium, OneLogin, or another LDAP server. Your users will still use their Foxpass password to log into the console. You can configure delegated authentication on the 'Authentication Settings' page.
Non-domain Self Service
“Non-domain” users from outside of your organization can now log into the console using their Foxpass password. They can use our self service tools to change their passwords, upload their SSH keys, and more.
SSH Key Length Requirements
You can now enforce an SSH key length policy. Keys can have a required length of 2048 or 4096 bits. Any new keys uploaded with a shorter length will be rejected. Go to the 'Configuration' page to set a restriction.
Custom Home LDAP Directory
We’ve added the ability to set a custom home directory in your LDAP integrations beyond the default '/home/[username]'. You can update your LDAP configuration from the 'Configuration' page.
If you use SUDOers files to manage sudo permissions on your hosts, we’re adding the ability to manage SUDOers through our LDAP interface. If you’d like to try out the beta program for this feature, contact us via our live chat or at firstname.lastname@example.org.
We’re adding full support for OneLogin sync for users and groups. You can use sync to automatically import and update users, groups, and group memberships in Foxpass. Do note, if you’d like to enable group sync, user sync must be enabled first.