RE: TOTP minimun change?

Yes Alessandro. However if you config 2 different server with the same totp-issuer, the problema persist. A unique id added to totp-issuer auto added only for the TOTP QR would do the trick. De: Alessandro Sironi [mailto:a.sir...@me.com.INVALID] Enviado el: viernes, 08 de mayo de

Re: Error with Guacamole 1.1.0

Mike,Yes that was done as well.Mike B.Sent from my T-Mobile 4G LTE Device Original message From: Mike Jumper Date: 5/8/20 3:50 PM (GMT-05:00) To: user@guacamole.apache.org Subject: Re: Error with Guacamole 1.1.0 On Fri, May 8, 2020, 12:44 Michael Bauer wrote:

Re: Error with Guacamole 1.1.0

On Fri, May 8, 2020 at 3:44 PM Michael Bauer wrote: > Nick, > > I built the guacamole-server-1.1.0.tar.gz from the source code as well as > the client. > > It did not install in the /opt/guac/lib/ > > Here is mine: > # ll /usr/local/lib/ > total 17768 > drwxr-xr-x 3 root root 4096 May 8 15:45 ./

Re: Error with Guacamole 1.1.0

On Fri, May 8, 2020, 12:44 Michael Bauer wrote: > ... > I just ran the following > > ./configure --with-init-dir=/etc/init.d > make > make install > What about ldconfig? - Mike

Re: Error with Guacamole 1.1.0

Nick, I built the guacamole-server-1.1.0.tar.gz from the source code as well as the client. It did not install in the /opt/guac/lib/ Here is mine: # ll /usr/local/lib/ total 17768 drwxr-xr-x 3 root root 4096 May 8 15:45 ./ drwxr-xr-x 10 root root 4096 Aug 5 2019 ../ -rw-r--r-- 1 root root

Re: Radius auth with groups from ldap or open groups

On Fri, May 8, 2020 at 2:26 PM Erlichman, Zachary wrote: > Hello, > > > > I was searching around and found this question touched on before, but I > was wondering if its at all possible to auth with radius first and still > get ldap groups. Or failing that, make it so a guacamole group is either

Re: Error with Guacamole 1.1.0

On Fri, May 8, 2020 at 2:23 PM Michael Bauer wrote: > > -- Original Message -- > From: Michael Bauer > To: user@guacamole.apache.org > Date: May 8, 2020 at 2:16 PM > Subject: Error with Guacamole 1.1.0 > > Hello, > > I keep getting this error after logging into the Guacamole

Radius auth with groups from ldap or open groups

Hello, I was searching around and found this question touched on before, but I was wondering if its at all possible to auth with radius first and still get ldap groups. Or failing that, make it so a guacamole group is either "open" or the user would be automatically added to it even if they

Fwd: Error with Guacamole 1.1.0

> -- Original Message -- > From: Michael Bauer > To: user@guacamole.apache.org > Date: May 8, 2020 at 2:16 PM > Subject: Error with Guacamole 1.1.0 > > Hello, > > I keep getting this error after logging into the Guacamole Client. Is it > a bug? > >

Re: TOTP minimun change?

Il 08/05/2020 17.46, Neumen - Juan Prigoshin ha scritto: Nick : Yes. Without any hurry, because it’s a trivial problem with a workaround (don’t use the same totp-issuer for different servers), will be nice  if you can asure the unique identifier in totp-issuer. Hi, you can use this code

LDAP attributes in user list

Hello, I've successfully bound Guacamole to our LDAP (AD) server. However, in the administrative interface, columns such as Full name and Organization are empty for LDAP users. Is it possible to map LDAP attributes such as displayName so they are exposed in the existing fields? I've tried

RE: TOTP minimun change?

Nick : Yes. Without any hurry, because it’s a trivial problem with a workaround (don’t use the same totp-issuer for different servers), will be nice if you can asure the unique identifier in totp-issuer. Juan “you're asking for the totp-issue to have some sort of unique identifying

Re: TOTP minimun change?

On Fri, May 8, 2020 at 11:21 AM Neumen - Juan Prigoshin < jprigos...@autoneumen.com> wrote: > Nick : > > This is two different standalone servers. Its not Guacamole > problem. Its Google Authenticator problem. > > Ah, okay, I understand, now. > > > First server, QR Code its saved in

RE: TOTP minimun change?

Nick : This is two different standalone servers. Its not Guacamole problem. Its Google Authenticator problem. First server, QR Code its saved in Google authenticator with name “Apache Guacamole (guacadmin)” . Default totp-issuer and user. Second server, QR Code its saved in Google

Re: TOTP minimun change?

On Fri, May 8, 2020 at 10:04 AM Neumen - Juan Prigoshin < jprigos...@autoneumen.com> wrote: > I have 1 Guacamole up working without problems. I use TOTP for 2FA with > Google Authenticator. > I dont change nothing in guacamole.properties for TOTP. > Default values are used. The TOTP Works great.

Re: File transfer via VNC

On Fri, May 8, 2020 at 8:39 AM Adan0s wrote: > Hey there, > > I'm curently evaluating guacamole 1.1.0 with clients connected via vnc > (tigervnc on windows 10). > While the clipboard works, transferring files doesn't. > If I drag a file into the browser window (firefox & chrome) the > following

TOTP minimun change?

I have 1 Guacamole up working without problems. I use TOTP for 2FA with Google Authenticator. I dont change nothing in guacamole.properties for TOTP. Default values are used. The TOTP Works great. Yesterday, for testing, I have installed a VM Virtualbox, with another Guacamole. Same config. On

Re: Want some Salsa with your guacamole?

Hi all, Interesting to think having multiple accounts with different passwords is more secure than SSO. I would try to go for an SSO solution like OpenID connect and extend with multi factor authentication. Thanks Peter Get Outlook for Android

Re: Want some Salsa with your guacamole?

On Fri, May 8, 2020, 9:25 PM Sven Specker wrote: > On > > Your setup with salsa: > > haproxy(auth)->guacamole-appserver(maybe cas/shib,mfa)->guacd > > So..3 factor authentication? /If/ you can pull that off with your users > and force them to use different passwords and disable sso, yes. That >

Re: Want some Salsa with your guacamole?

On 2020-05-08 13:07, Dave Kempe wrote: You have it about right. You should run Salsa on seperate machine btw. We connect them together with spiped. This simply increases the barrier to entry by one more step. Like any security control it's only part of the picture. Allowing direct access to

Re: AW: Want some Salsa with your guacamole?

On Fri, May 8, 2020, 9:09 PM Sven Specker wrote: > Hi! > > > Or what am I missing? > > You could of course proxy to completely different guacamole instances > (with different databases) by virtue of your username/group and that > enables you to "route" access to networks of different security

Re: Want some Salsa with your guacamole?

On Fri, May 8, 2020 at 7:08 AM Dave Kempe wrote: > > > On Fri, May 8, 2020, 8:52 PM Joachim Lindenberg > wrote: > >> Hi Dave, >> >> I am trying to understand what it does and what it is good for. My take >> is: the user has to authenticate first to salsa, with LDAP credentials, >> which

Re: AW: Want some Salsa with your guacamole?

Hi! Or what am I missing? You could of course proxy to completely different guacamole instances (with different databases) by virtue of your username/group and that enables you to "route" access to networks of different security levels without having to resort to a VPN, effectively making

Re: Want some Salsa with your guacamole?

On Fri, May 8, 2020, 8:52 PM Joachim Lindenberg wrote: > Hi Dave, > > I am trying to understand what it does and what it is good for. My take > is: the user has to authenticate first to salsa, with LDAP credentials, > which whitelists the IP used, and then authenticate again to Guacamole, >

AW: Want some Salsa with your guacamole?

Hi Dave, I am trying to understand what it does and what it is good for. My take is: the user has to authenticate first to salsa, with LDAP credentials, which whitelists the IP used, and then authenticate again to Guacamole, likely using with LDAP credentials again? Which causes me to ask: do

Want some Salsa with your guacamole?

Hey all, Hopefully this is helpful to someone, but we have released our Haproxy whitelisting tool, which helps with securing guacamole. We built it protect the guacamole login screen behind an Haproxy ACL. https://github.com/sol1/salsa Salsa is a simple web interface which interacts with HAProxy

RE: Ubuntu 20.04 / Guacamole 1.1.0 / FreeRDP preconception PDU Broken

Hi Joachim, Thank you so much! Working as expected now :-) Completely missed that. Kind regards, Tom Daniels From: Joachim Lindenberg Sent: vrijdag 8 mei 2020 09:23 To: user@guacamole.apache.org Subject: AW: Ubuntu 20.04 / Guacamole 1.1.0 / FreeRDP preconception PDU Broken Hi Tom, try

Re: Copy/Paste issue

On Thursday, May 7, 2020, 2:47:38 AM GMT+2, brian dodds wrote: > Thanks for the response.  A new data point we ran into today, trying to paste > with a ctrl-v resulted in the application we were using on the RDP host > bringing up the 'open file' > dialog, and it did it repeatably.  I

AW: Ubuntu 20.04 / Guacamole 1.1.0 / FreeRDP preconception PDU Broken

Hi Tom, try vmconnect instead of nla for security. See https://issues.apache.org/jira/browse/GUACAMOLE-952. Best Regards, Joachim Von: Daniëls, Tom Gesendet: Friday, 8 May 2020 08:37 An: user@guacamole.apache.org Betreff: RE: Ubuntu 20.04 / Guacamole 1.1.0 / FreeRDP preconception PDU

RE: Ubuntu 20.04 / Guacamole 1.1.0 / FreeRDP preconception PDU Broken

Hi Nick, Deployed the war file on a test machine and unfortunately it still does not work. I receive error The remote desktop server is currently unreachable. If the problem persists, please notify your system administrator, or check your system logs. If I check syslog I see: May 8 05:52:46