Kyber 0.24.0

This release introduces basic password authentication, allowing server administrators to require a password before clients can connect. For deployments that do not need token-based authentication at all, the JWT backend can now be disabled entirely, simplifying the security model for simpler setups.

Cross-origin protections in the server have been tightened, reducing the attack surface for browser-based deployments. The Intel Quick Sync (QSV) encoder initialization bug that prevented QSV encoding from starting in some configurations is fixed. Log verbosity can now be controlled with the KYBER_VERBOSE environment variable without editing configuration files, which helps with debugging in production environments. The QUIC transport layer has been updated to wtransport 0.7.0, replacing the previously pinned pre-release build. The clipboard is now size-limited on the input handling side, preventing unexpectedly large clipboard payloads from being forwarded across the connection.

On the web client, the sidebar is now scrollable, fixing layouts where many options were cut off. A button to send Ctrl+Alt+Del directly to the host has been added to the sidebar — useful for Windows remote desktop scenarios. The web client also gains the same basic password authentication support as the desktop client.

Changelog

• Rename kysdk components
• Correctly place shebang in build scripts
• kyclient: Update VLC. Kymux branch is now based on 4962271021
• kycontroller: Correctly log toml parsing errors
• kymux: Update wtransport to official 0.7.0
• kynput: Limit clipboard size
• kycontroller: Improve cross origin protections
• Add basic authentication password support
• Allow to disable jwt backend
• kyavserver: Fix QSV acquisition
• kyavserver: set log level based on KYBER_VERBOSE environment variable
• (web) sidebar is now scrollable
• (web) sidebar: Add a button to send Ctrl+Alt+Del to the host
• (web) Add basic authentication password support