Pritunl Zero v1.0.2678.71

Releases
1

Pritunl Zero v1.0.2678.71 has been released. This release adds a new logo, additional SSH authority options and fast single sign-on login.

New Logo and Login Page

A new logo has been added to the web console header and the login page has been redesigned to show the logo.

zero_new_login
zero_new_login465×517 13 KB

SSH Key ID Format

An option to change the format of the SSH certificate key ID has been added to the authority settings. This allows scripting with the SSH server AuthorizedPrincipalsCommand configuration. An option such as AuthorizedPrincipalsCommand /bin/bash -- /path/to/script.sh %u %i will execute the script with the Linux username that is requesting ssh access and the key ID from the SSH certificate. This script can then return a list of authorized principals or user roles as specified in Pritunl Zero.

key_id_format
key_id_format464×297 16.3 KB

Fast Single Sign-On

When only one single sign-on provider is configured fast login can be configured. This will skip the login page prompting the user to select a provider and instead redirect directly to the single sign-on provider. The Fast single sign-on login option will activate for all login pages if there are no local users and only one single sign-on provider. The Force fast user single sign-on login and Force fast service single sign-on login will use the fast login for non-admin user and service logins even if there are local users. All options require that only one single sign-on provider is configured.

fast_single_sign_on
fast_single_sign_on480×148 11.7 KB

2

Hi!

The Fast SSO function seems great but having some issues. In general when we set any of the new options after saving and coming back to the settings page they are again de-selected.
Also could you clarify the difference between:

  • Force fast user single sign-on login
  • Force fast service single sign-on login

What we would like to have is the following:

  • Local user only allowed on zero admin panel
  • All services should be SSO only, fast login, no local user option (we only have one provider)

Thanks!

3

I can’t reproduce any issues with saving the settings. This could be caused by running multiple hosts on a load balancer mixing older versions that don’t have the option.

4

Hey @zach ,

I’m running a standalone with mongoDB 5.0 (just upgraded from 4.2/4.4) and still have this issue.
Check video below. Any idea?

Thanks

5

This has been fixed in the unstable release yesterday. This should move to the stable repository today.