I wanted a way to let a non-technical teammate operate a Linux server without ever opening a terminal — move files, check logs, restart things — without handing them root or a scary control panel. That turned into Hublo: a macOS-style desktop, in the browser, for your server.
There are two design decisions I think are worth sharing: how it stays safe, and how it lets strangers ship apps you can install without trusting their code.
👉 Source (MIT): https://github.com/adsofts/hublo — there's a 30-second demo at the top of the README.
1. The security model: it only does what you can
Most server web UIs (Cockpit, Webmin…) run a privileged daemon as root. That's a big, permanent attack surface.
Hublo takes the opposite approach. When you log in with your normal Unix username + password, the gateway opens an SSH session to localhost as you, and performs every action through it:
- files via SFTP
- the terminal via a real PTY
- everything else via
exec
Top comments (0)