Well, that would be too much simpler than actual requirements, sir. Client's IP is not fixed or expected in most cases.
Would you provide some information on this? E.g., what file of the pveproxy CA verification module i need to change.
I don't think it would be too tough for me make it happen.
SSL supports client validation that requires a web client to submit a certificate that it owns (has) before a secure connection is established. Such will help to reduce the risk caused by brute force ( super admin user name is known -- root), as well as the risk caused by its default https...
After I referenced wiki pve.proxmox.com/wiki/Raid_controller#Dell
I found out that all Dell Raid controllers listed in Proxmox wiki are no longer available in the market.
I am about to test Proxmox on a Dell R330...
I'd like to have the HE examine peer certificate before anyone could log-in HE web-access.
Then it would be kindda 2FA that helps to stop brute force. And such seems to be the only way to log remote client with correct remote IP + user name under SSL.
Anyway I have no knowledge...