Would two-factor authentication and certificate-based authentication help alleviate some of those security concerns? Because Webmin has both of those.
We actually take security seriously, as any software that provides root-level access to a million servers must, though I don't pretend we will ever be bug-free or that we can ever guarantee security (even SSH has had major security bugs). We're considering setting up some sort of bug bounty to help sniff out security bugs, but haven't figured out how best to implement that.
I actually thought a bit about that after posting. I would be more inclined to use a web based admin interface today, than just a few years ago; the TLS stack is not as bad as it was; we've come further wrt ciphers - and the web servers themselves have seen (more) hardening.
The thing is; I already use ssh. Adding another network service doubles the attack surface.
Then there's the ux problem for browsers and certs. Using certs with ssh is complicated enough (it's still on my todo-list, I use/require keys - but key management is not trivial for more than a handful of servers).
Ssh also finally has easy/proper 2fa support now: setting up totp+keys is quite trivial. Add password+totp for sudo locally and you have half-decent ux and security.
And while ssh has had some security issues, it's been a while since the last big one. In contrast with all the things that go wrong with web apps (xss, session-hijack etc).
All that aside, certs+2fa (and the ability to disable pw auth) goes a long way.
Btw for any other grumpkins reading; I just discovered scoop and found out powershell seems to finally be usable in windows 8.1 pro even for part-time ms users.
Run>powershell
set-executionpolicy unrestricted -s cu
iex (new-object net.webclient).downloadstring('https://get.scoop.sh')
#yeah, I know - no signature, code from curl...
#but this is windows, beggars can't be choosers
scoop bucket add extras #optional
scoop install ssh
If you want oneget, it's in the extras-bucket iirc:
scoop install oneget
But while scoop could use some love (e.g. VLC is a point release behind oneget/Chocolatey) -- it's much nicer than the FindPackage mess IMNHO.
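For readers who want the "keys+totp for ssh, password+totp for sudo" setup from the comment above spelled out, here is an added example (not part of the original comment, and not from any project mentioned in the thread). It assumes OpenSSH with PAM support, a Debian-style /etc/pam.d layout with a common-auth include, and pam_google_authenticator as the TOTP module; the comment names no particular module, so that choice is an assumption.

```text
# /etc/ssh/sshd_config (fragment)
# Require a public key AND a second factor. The second factor is delivered through
# keyboard-interactive, which hands the prompt to PAM.
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication yes      # on OpenSSH < 8.7 this is ChallengeResponseAuthentication yes
UsePAM yes
AuthenticationMethods publickey,keyboard-interactive:pam

# /etc/pam.d/sshd
# Assumption: pam_google_authenticator is installed and each user has run google-authenticator
# to create ~/.google_authenticator. The distro's "@include common-auth" line is deliberately
# left out here so the keyboard-interactive step asks only for the TOTP code, not a password.
auth required pam_google_authenticator.so nullok   # nullok lets accounts with no secret log in; remove it once everyone is enrolled

# /etc/pam.d/sudo
# password + TOTP for local privilege escalation
@include common-auth                               # the user's Unix password
auth required pam_google_authenticator.so          # then the TOTP code
```

Run `sshd -t` after editing sshd_config, and keep an existing session open while you test a fresh login from a second terminal: with AuthenticationMethods set this way a user who has a key but no TOTP secret (and no nullok) is locked out of ssh entirely.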