The latest articles on DEV Community by Aurelien Dippe (@aurelien_dippe_27be8338c6). https://dev.to/aurelien_dippe_27be8338c6 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4008965%2Fae32e377-892c-4448-a55c-f45649205797.png https://dev.to/aurelien_dippe_27be8338c6 en Aurelien Dippe Tue, 30 Jun 2026 04:49:26 +0000 https://dev.to/aurelien_dippe_27be8338c6/hublo-a-web-desktop-that-runs-as-your-own-unix-user-over-ssh-with-a-sandboxed-app-store-394n https://dev.to/aurelien_dippe_27be8338c6/hublo-a-web-desktop-that-runs-as-your-own-unix-user-over-ssh-with-a-sandboxed-app-store-394n <p>I wanted a way to let a non-technical teammate operate a Linux server <strong>without ever opening a terminal</strong> — move files, check logs, restart things — without handing them root or a scary control panel. That turned into <strong>Hublo</strong>: a macOS-style desktop, in the browser, for your server.</p> <p>There are two design decisions I think are worth sharing: <strong>how it stays safe</strong>, and <strong>how it lets strangers ship apps you can install without trusting their code.</strong></p> <p>👉 Source (MIT): <a href="https://github.com/adsofts/hublo" rel="noopener noreferrer">https://github.com/adsofts/hublo</a> — there's a 30-second demo at the top of the README.</p> <h2> 1. The security model: it only does what <em>you</em> can </h2> <p>Most server web UIs (Cockpit, Webmin…) run a <strong>privileged daemon</strong> as root. That's a big, permanent attack surface.</p> <p>Hublo takes the opposite approach. When you log in with your normal Unix username + password, the gateway opens an <strong>SSH session to <code>localhost</code> as you</strong>, and performs <em>every</em> action through it:</p> <ul> <li>files via <strong>SFTP</strong> </li> <li>the terminal via a real <strong>PTY</strong> </li> <li>everything else via <code>exec</code> </li> </ul> selfhosted javascript vue opensource