Skip to main content
Version: Developer

What's new in Kasm 1.18.0

Highlights

Features

  • Usability Enhancements

    • Increased maximum supported clipboard size for RDP workspaces to 25MB.
    • Added the hostname to heartbeat logs to make it easier to identify which server or agent a log is related to.
    • Updated Docker Run Config to support variable substitution. Expanded variables for storage mapping and volume mapping to also support custom attributes 1, 2, and 3 defined for the user.
    • When deleting OpenID or SAML configs we now make it clear that this will delete any users associated with the config and include an indication of how many users will be affected. In addition you can now edit an OpenID or SAML config to see the list of users associated with the config.
    • Support for rolling tags for Kasm Docker Plugins. The Kasm start script now upgrades Kasm plugins that use rolling tags. This feature includes scripts for admin plugin management---more info here: Plugin Management.
    • Made User searching case-insensitive in both the main User list view and in Groups.
    • Servers can now be assigned to Pools from the Servers list table.
    • Added Pool (database) ID as a display column in the Pool list view. The column is visible by default.
    • Added the Experimental Features flag to global settings.
    • Added support for setting default RDP thick client properties in generated .rdp files. See "Setting RDP Thick Client Properties" under global Server Settings for supported fields and instructions.
    • Added support for injecting custom DPI and display scaling parameters (dpi, width, height) into connection_info.guac.settings during creation of RDP-based Guacamole sessions. When missing from Server connection_info settings, Kasm will auto-populate these values based on the user's browser display environment.
    • Improved /opt/kasm/bin/restart and /opt/kasm/bin/stop to remove containers by default when stopping services. Multiple mode flags are provided, use --help with each script for more information.
    • Added support docs for RHEL 10.
    • Allow admins to force persistent profiles on container Workspaces. See "Enable Workspace Persistent Profile" in Container Settings.
    • Added support for client-based automatic sizing and scaling in RDP Native client sessions. Enabled allow_scale_factor in RDP Gateway. Updated FAQ notes for forced settings: Why does the desktopscalefactor property in the .rdp file not seem to have an effect?. Note: the desktopscalefactor rdp thick client property is deprecated and will be removed soon.
    • Added general support for importing Ed25519 keys and made Ed25519 the default format for user SSH key generation.
    • Added the ability to capture logs generated from within a Kasm workspace to enable troubleshooting failure conditions. To use this feature set enable_container_logging to True in the Group Settings.
    • Added support for systemd integration. More here.

  • Infrastructure Support Enhancements

    • Improved performance of orphan server cleanup on autoscale pools that have a large number of servers.
    • Added API Token Lifespan and API Token Refresh Leeway Server Settings.
    • Improved session launch times on deployments that have a large number of servers.
    • Increased the robustness of the autoscaling system and increased its efficiency when handling errors from Autoscale Providers.
    • Added authentication to improve security of Native Kasm Logging.
    • Removed the hardcoded Splunk prefix for HEC logging tokens, enabling integrations with logging endpoints that do not use the prefix. Note: extant Splunk tokens will have the prefix added if necessary during Kasm upgrade.
    • Updated the Docker Compose version used by the installer (2.38.1).
    • Added "Draining" mode to Kasm Agents.
    • Added automatic rotation of Autoscaled Kasm Agents.
    • Enhanced container healthcheck functionality with configurable timeout settings, backoffs and better error handling for service health validation.

  • Kasm Image Enhancements

    • Updated all images to KasmVNC 1.4.0, providing major improvements to containerized session streaming.
    • Removed file manager on browser-based images to remove the avenue of accessing the file system and/or breaking out of the browser in browser isolation use cases.
    • Added support for Vulkan GPU acceleration for Chromium based browsers.
    • Added Debian Trixie Core image for x86_64/aarch64
    • Added Debain Trixie Desktop image for x86_64/aarch64
    • Added Fedora 41 Desktop image for x86_64/aarch64
    • Added Obsidian image for x86_64/aarch64
    • Updated GIMP to version 3, bringing the latest features and performance improvements to the GIMP workspace
    • Added Cyberbro image for x86_64/aarch64
    • Added back SuperTuxKart image to our registry

  • Kasm Desktop Service

    • Fixed the installer to properly wait for existing service to stop before updating files, preventing partial upgrades.
    • Added automatic service version generation and reporting. The service version for each host is displayed in the admin UI Servers table, facilitating the management of large Windows deployments.
    • The installer now returns proper exit codes on failure, enabling autoscale scripts to detect failed deployments.
    • Fixed a bug where the service reported the system's FQDN instead of a hostname, which could cause the API service to throw an exception when the FQDN exceeded the hostname length limit of 64 characters.

  • Deprecations

    • The Share Server was removed in this release, which caused several other changes beyond the removal of the share service:
      • The Redis service is no longer needed and has been removed.
      • Chat functionality has been removed from shared sessions.
        • disable_chat has been replaced with disable_viewers in the Developer API.
        • ChatSFX has been removed from the user profile.
        • chat_history_messages has been removed from group settings.
    • Removed linuxserver.io and Twingate spotlight registries as they are either no longer maintained or will be unmaintained in the near future.

  • Custom Branding Enhancements

    • The label for the username input field ("Username Input Label") on the login page can now be customized through Application Branding.

Bugfixes

  • Fixed the bug where, if a session times out on launch, the redirect to the dashboard removes the error message before it can be read.
  • Fixed the bug causing the db healthcheck to log an error message.
  • Fixed a bug where long text in a notification would flow outside of the notification box.
  • Fixed a regression bug where only the first page of users was considered when searching inside a group.
  • Improved the error message displayed when an account is locked.
  • Fixed a bug that prevented the db container from using the rolling tag when specified during installation or upgrade.
  • Enabled manager and agent tornado log streams to be sent to centralized Kasm logs.
  • Fixed an issue causing the Pool dropdown to sometimes fail to populate when editing a Server config.
  • Fixed a bug in Egress Gateways where you could both 1) specify to not use all gateways and 2) not select a specific gateway, leading to odd behaviour.
  • Fixed the rare case where RDP HTTPS gateway could flood the Kasm Manager with logs.
  • Fixed a bug in the group SSO mapping where the "Assign all users" toggle would display in the off state, regardless of the actual value.
  • Fixed a bug preventing users from connecting to an AutoScaled Windows Server that was using the Kasm Desktop Service with the max simultaneous sessions per server set to 1.
  • Fixed a bug causing server pool workspaces to ignore resources in alternate zones.
  • Fixed a bug where the Egress modal wouldn't load previously selected gateways if "Allow All Gateways" was disabled. Also added messages to the launch form if a previously saved gateway is no longer available.
  • Added component and endpoint identifiers to JWT authentication / authorization failures, when available. The data appears as additional info in the expanded log record for the failure in the UI.
  • Fixed a case where, when a connection proxy server went missing, its heartbeat would not restore its status to "running".
  • Fixed an issue where installing an invalid registry wouldn't show the invalid entry, preventing you from deleting it. Invalid entries are now displayed, but we also improved the system's ability to detect and prevent invalid entries.
  • Fixed an issue where a Kasm Manager could get stuck in the "missing" state.
  • Fixed an issue with PWAs and casting links not working properly when connecting to an RDP type workspace with the RDP Client Options set to "User Selectable".
  • Fixed usernames not displaying correctly when switching between SAML or OIDC users and group users.
  • Fixed an issue where Proxmox was not using the provision timeout for API calls and could timeout early while provisioning VMs.
  • Fixed an issue in the wait_for_network_devices function in vnc_startup.sh for workspaces core images that interfered with IPvlan networking.
  • Improved the logging details from rdp_https_gateway containers in the case when the backend service is not ready.
  • Fixed and updated Cryptography and certify packages that had open vulnerabilities affecting the manager and net modules in RDPGW.
  • The use multimon RDP thick client property now defaults to enabled (True) when the control_panel.show_display_manager setting is not explicitly set. Previously, the fallback was False, which caused multi-monitor support to be disabled on fresh installations despite the global seeded default being enabled.
  • Fixed an issue where SSO domain field was sometimes not being populated in AutoScale configs.
  • Added periodic cleanup of orphaned helper containers to automatically remove those that are no longer associated with active sessions.
  • Fixed a bug where a user queued for an autoscaled server pool session could receive a session for a different pool when multiple server pool session requests were queued simultaneously.
  • Fixed an issue where long display names of Group settings were truncated in the first column of the settings table.
  • Fixed issue where slow requests from the Kasm Agent to Docker or the Kasm Manager could cause the Kasm Agent to not respond to requests.