Author

Mathan

Platform Engineer

Mathan works on the LynxTrac agent and the remote-access stack: the transport layer, the protocol plumbing, and the parts that have to survive bad networks. He writes about SSH, remote desktop, security trade-offs, and how the internals actually work.

20 posts · all posts

Security May 30, 2026 · 4 min read

SSO and built-in XDR land in LynxTrac

Two things teams kept asking for are now live: single sign-on over SAML and OpenID Connect, and a Wazuh-powered XDR and SIEM suite on the agent you already run.

KMS Feb 22, 2026 · 3 min read

Using AWS KMS for secure SSH credential management

Storing SSH credentials safely is harder than it looks. AWS KMS fits into a modern access flow in specific ways, with specific frictions and pitfalls worth naming.

Remote Desktop Feb 21, 2026 · 2 min read

When to use browser-based vs thick-client remote desktop

Browser remote desktop is not always the right call. The decision grid we use to pick between web and native clients is small, but it covers most of the real cases.

SSH Feb 19, 2026 · 5 min read

Is browser-based SSH secure?

A walk through the actual threat model of browser-based SSH, what it trades away, and what it gains. The answer isn't a one-liner, but it's close.

SSH Feb 17, 2026 · 4 min read

SSH access without sharing private keys

Why key-sharing is the silent disaster in most ops teams, and a practical pattern for getting rid of it without a six-month rewrite of how you do access.

Port Forwarding Feb 14, 2026 · 3 min read

Secure port forwarding without exposing services

Port forwarding gets services reachable, and accidentally everyone else. Here are patterns for controlled forwarding that do not turn firewalls into rubber stamps.

Remote Access Feb 10, 2026 · 3 min read

Why remote access should never be a standalone tool

Remote access without context is just a shell in the dark. Access, monitoring, and audit belong on one surface rather than three separate purchases.

Security Feb 5, 2026 · 2 min read

Security trade-offs of browser-based access

Browser-based access removes VPNs and shared keys, but it is not a free lunch. The honest trade-off list is short, and every item on it is mitigatable.

Remote Access Feb 3, 2026 · 4 min read

How VPN-free remote access works

What the outbound-agent model actually does, versus what a VPN does. Written because enough people have asked variations of 'so how is this different from Tailscale?'

SSH Feb 2, 2026 · 3 min read

Browser SSH vs traditional SSH: what actually changes

We put a team on browser-based SSH for six months. What genuinely changed day-to-day, what turned out not to matter, and the two places new operators still get stuck.

Remote Desktop Jan 21, 2026 · 3 min read

Secure remote desktop and SSH access for modern IT teams

IT teams need shell and desktop access without shipping another client. LynxTrac unifies both into one audited, browser-based surface that changes how access actually feels.

Automation Jan 17, 2026 · 4 min read

RMM automation recipes: workflows that save hours every week

Seven specific automations our customers run across their fleets, ranked by how often they fire and how much pager noise they prevent.

Deployment Jan 12, 2026 · 3 min read

Continuous deployment for IT operations: shipping changes safely

Continuous deployment used to be a product-team practice. IT teams are now adopting CD for infrastructure, and what that actually looks like in practice is worth unpacking.

Remote Access Jan 10, 2026 · 3 min read

Secure remote access for modern IT teams: what really matters today

Most remote access checklists are stuck in 2015. Here are the controls that actually matter for IT teams operating across cloud, hybrid, and remote-first realities.

Automation Dec 31, 2025 · 3 min read

From alerts to auto-fix: building self-healing IT systems

Alerts that only notify you about a problem are half a solution. Teams use LynxTrac automations to turn those alerts into auto-remediation without waking a human.

Log Analysis Dec 14, 2025 · 3 min read

Log aggregation and analysis for faster root-cause analysis

Aggregated, searchable logs turn a six-hour incident into a 20-minute fix. Log pipelines that actually support RCA take more thought than shipping everything to one place.

Automation Dec 7, 2025 · 3 min read

10 essential IT automation workflows using LynxTrac

Here are ten IT automation workflows, from patch deploys to user onboarding, that teams stand up in their first week on LynxTrac.

Remote Access Nov 26, 2025 · 3 min read

The fastest remote access: how LynxTrac delivers low latency

Remote access usually feels like a compromise. LynxTrac keeps round-trips tight so terminal sessions feel local instead of sluggish, with work happening at every layer.

Remote Access Nov 5, 2025 · 2 min read

Remote access reimagined: fast, secure, and frictionless with LynxTrac

Legacy remote access fights against every modern operating constraint. LynxTrac rebuilds the experience around outbound tunnels, browser UX, and full audit trails.

Automation Oct 22, 2025 · 3 min read

Automation in IT: from manual tasks to zero-touch operations

Zero-touch operations is not a fantasy. It is a series of small automations that compound, and the path teams take to get there tends to look roughly the same.