[
https://issues.apache.org/jira/browse/GUACAMOLE-1283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17333409#comment-17333409
]
Nick Couchman commented on GUACAMOLE-1283:
------------------------------------------
[~shauntarves]: No, there has been no change in how permissions are enforced or
not - this is completely outside of Guacamole. All of the access to the shared
folder happens in the guacd process, as the user running guacd. The access
control is enforced by the underlying operating system and standard permissions
or ACLs, and not by guacd.
> Legacy RDP encryption may fail with "ERRINFO_DECRYPT_FAILED"
> ------------------------------------------------------------
>
> Key: GUACAMOLE-1283
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1283
> Project: Guacamole
> Issue Type: Bug
> Components: RDP
> Affects Versions: 1.2.0
> Environment: guacd 1.2 running in Docker on RHEL 7 deployed in AWS
> Reporter: Shaun Tarves
> Assignee: Mike Jumper
> Priority: Minor
> Fix For: 1.4.0
>
> Attachments: RemoteDesktop.txt, TerminalServices.txt
>
>
> We are experiencing semi-regular disconnects of the guacamole-server (guacd)
> while a user is interacting with a remote machine. Attached are the
> DEBUG-level logs, which we see every time we experience the disconnects. I'm
> not sure how to further debug this issue.
> {code}
> Feb 8 14:46:21 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Clipboard
> data received. Reporting availability of clipboard data to RDP server.
> Feb 8 14:46:24 ip-172-16-10-253 journal: guacd[84]: DEBUG:#011Clipboard data
> received. Reporting availability of clipboard data to RDP server.
> Feb 8 14:46:41 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Clipboard
> data received. Reporting availability of clipboard data to RDP server.
> Feb 8 14:47:13 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Clipboard
> data received. Reporting availability of clipboard data to RDP server.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Clipboard
> data received. Reporting availability of clipboard data to RDP server.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]:
> DEBUG:#011ERRINFO_DECRYPT_FAILED (0x00001192):(a) Decryption using Standard
> RDP Security mechanisms (section 5.3.6) failed.
> Feb 8 14:47:22 ip-172-16-10-253 journal: (b) Session key creation using
> Standard RDP Security mechanisms (section 5.3.5) failed.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011BIO_read
> returned a system error 104: Connection reset by peer
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: ERROR:#011Connection
> closed.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Unloading
> device 0 (Remote Access Filesystem)
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011SVC "rdpdr"
> disconnected.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011SVC "rdpsnd"
> disconnected.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: INFO:#011Internal RDP
> client disconnected
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: INFO:#011User
> "@5dd34373-1e17-4091-9670-c00fc2d68684" disconnected (0 users remain)
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: INFO:#011Last user of
> connection "$60bea827-60a1-403b-84b8-3c7358f490ee" disconnected
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Requesting
> termination of client...
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[148]: DEBUG:#011Client
> terminated successfully.
> Feb 8 14:47:22 ip-172-16-10-253 journal: guacd[8]: INFO:#011Connection
> "$60bea827-60a1-403b-84b8-3c7358f490ee" removed.
> {code}
> Attached are the MS Event Logs for the `RemoteDesktop*` and
> `TerminalServices*` log sources
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
