[
https://issues.apache.org/jira/browse/GUACAMOLE-547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16571797#comment-16571797
]
Nick Couchman commented on GUACAMOLE-547:
-----------------------------------------
No worries, David, I haven't had much time to do much with it.
I concur that the "none" method is valid, and I've seen it on both Cisco and
some other types of devices (Brocade, I think). It's also not surprising
that's what they're using. I, however, have not had any luck locating
documentation on how to actually use that authentication method with OpenSSH.
If you find something, let me know - it's hard to develop support for it in
Guacamole without something to actively test it against :-).
Thanks!
> Add support for the "none" SSH authentication method
> ----------------------------------------------------
>
> Key: GUACAMOLE-547
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-547
> Project: Guacamole
> Issue Type: New Feature
> Components: SSH
> Environment: Linux 4.13.0-1012-azure #15-Ubuntu SMP Thu Mar 8
> 10:47:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
> Reporter: David Hauk
> Priority: Minor
> Attachments: guacd_debug_fail.txt, openssh_verbose_successful
> connection.txt
>
>
> When connecting to embedded devices that implicitly allow SSH access guacd
> fails when the authentication method is (none). The devices permit any SSH
> user with no password access to the console, and then provide authentication
> internally via their interactive shell.
> Test cases:
> # no username and no password configured: Guacamole requests both, then
> fails to connect.
> # username but no password: Guacamole requests password, and then fails to
> connect.
> # username and password: Guacamole asks for no input, and then fails to
> connect.
> I've attached guacd debug logs from the failed connection attempts, plus
> OpenSSH (-vv) logs from a successful connection. (Files have been suitably
> redacted). The bit they share in common is they both state "Authentication
> (none)" but OpenSSH proceeds with the connection, while guacd terminates the
> connection:
> Guacd:
> {code:java}
> guacd[100079]: DEBUG: Successfully connected to host 192.168.233.20, port 22
> guacd[100079]: DEBUG: Supported authentication methods: (null)
> guacd[100066]: INFO: Connection "$abc52848-a11c-4397-a657-7c2d4bfdb5e9"
> removed.{code}
> OpenSSH:
> {code:java}
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentication succeeded (none).
> Authenticated to 192.168.233.20 ([192.168.233.20]:22).
> debug1: channel 0: new [client-session]
> debug2: channel 0: send open
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
