[
https://issues.apache.org/jira/browse/GUACAMOLE-1360?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Jumper closed GUACAMOLE-1360.
----------------------------------
Resolution: Invalid
The SHA-512 mode _does_ work, and Guacamole implements it correctly, but you
need to use a TOTP authenticator app that supports it.
For example, Google Authenticator does not support SHA-512. It will scan the QR
code but then silently ignore that configuration property and continue using
SHA-1, effectively generating incorrect codes:
https://github.com/google/google-authenticator-android/issues/29
> Changing totp-mode not working
> ------------------------------
>
> Key: GUACAMOLE-1360
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1360
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-totp
> Affects Versions: 1.3.0
> Reporter: Pascal Künzli
> Priority: Major
>
> I'm trying to set totp-mode to sha512.
> After removing ALL rows in MariaDB table guacamole_user_attribute I try to
> configure 2 users (admin and my own) again. I get the new QR code and
> algorithmus is correctly displayed with "SHA512". I can scan the QR code and
> get the right issuer name. Everything looks good. But now the entered
> authentication code will never accepted! I get only "Verification failed. Try
> again...". I can not complete the totp facility.
> If I remove my changes, restarting tomcat, everything works fine (means scan
> and confirm the new code works) but with the default values.
> BTW: A nice to have will be to get the cursor/focus to the auth code field on
> the QR code screen. :)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
