David Haukeness created GUACAMOLE-547:
-----------------------------------------
Summary: Guacd SSH doesn't supoort no auth for embedded devices
Key: GUACAMOLE-547
URL: https://issues.apache.org/jira/browse/GUACAMOLE-547
Project: Guacamole
Issue Type: Bug
Components: guacd, SSH
Affects Versions: 0.9.14
Environment: Linux 4.13.0-1012-azure #15-Ubuntu SMP Thu Mar 8 10:47:27
UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Reporter: David Haukeness
Attachments: guacd_debug_fail.txt, openssh_verbose_successful
connection.txt
When connecting to embedded devices that implicitly allow SSH access guacd
fails when the authentication method is (none). The devices permit any SSH
user with no password access to the console, and then provide authentication
internally via their interactive shell.
Test cases:
# no username and no password configured: Guacamole requests both, then fails
to connect.
# username but no password: Guacamole requests password, and then fails to
connect.
# username and password: Guacamole asks for no input, and then fails to
connect.
I've attached guacd debug logs from the failed connection attempts, plus
OpenSSH (-vv) logs from a successful connection. (Files have been suitably
redacted). The bit they share in common is they both state "Authentication
(none)" but OpenSSH proceeds with the connection, while guacd terminates the
connection:
Guacd:
{code:java}
guacd[100079]: DEBUG: Successfully connected to host 192.168.233.20, port 22
guacd[100079]: DEBUG: Supported authentication methods: (null)
guacd[100066]: INFO: Connection "$abc52848-a11c-4397-a657-7c2d4bfdb5e9"
removed.{code}
OpenSSH:
{code:java}
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentication succeeded (none).
Authenticated to 192.168.233.20 ([192.168.233.20]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
