Nope, an application like this can’t work as a flatpak as the sandbox prevents almost all shell functionality and makes the application unusable. Yes, the AppImages are basically the best solution for immutable operating systems.

I think in the end you still have to exercise some trust. There are things like audits, but these are costly and not an option in the current stage. Maybe in the future. Best I can do is to provide transparency by open-sourcing large parts of the codebase and providing detailed security information like https://docs.xpipe.io/reference/security.

As someone who sometimes sells to the german public sector, it is true that they would prefer a good open source solution if it was available. But me being a german vendor makes up for it, as they still prefer this a lot more over any US-based vendors.

In general about the key handling, XPipe doesn’t read any kind of keys itself, it only forwards them to the local OpenSSH client. It is essentially a wrapper around in existing ssh client, and doesn’t implement anything related to key handling itself.

I think if you have a specialized tools with openstack, XPipe probably can’t compete with that in that area. But it can make your life easier in a lot of other areas and common tasks when it comes to accessing many servers.

About the FOSS requirement, I know that this is a dealbreaker for some. That is a tradeoff when going the commercial route

Right now, you have to set the user separately. But I will think about fixing this for next release, there already is a way to configure a default identity for new connections, but it does not apply to teleport yet

Yes, the community edition doesn’t have any limitation.

For paid plans, it’s relative to the average usage and activations across all licenses. E.g. if you, as an enterprise, purchase licenses for 5 users, but have a usage like other customers with 20 users, I might inquire about how you are using it. If it is a special case where you install and use it on many servers and VMs in parallel, this can be taken into account and the limits can be adapted. But in general, the license limits are permissive and do not interfere with your usage.