>
>
> > Off the top of my head:
> >
> > * You step away from the computer and need to check something via your
> > phone.
> >
> > * You lock your screen at work without logging out from guac, head home,
> > and need to log in again.
> >
> > * You are using an anonymizing service which changes IP
Mike Jumper wrote
> On Sun, May 13, 2018, 04:49 Suncatcher16
> suncatcher16@
> wrote:
>
>> Just a matter of taste. Both use-cases require extensions anyway. LAN/WAN
>> differentiation seems more important for me.
>>
>> BTW, how can single user connect from different IPs simultaneously? It's
On Sun, May 13, 2018, 04:49 Suncatcher16 wrote:
> Just a matter of taste. Both use-cases require extensions anyway. LAN/WAN
> differentiation seems more important for me.
>
> BTW, how can single user connect from different IPs simultaneously? It's a
> great breach for
Just a matter of taste. Both use-cases require extensions anyway. LAN/WAN
differentiation seems more important for me.
BTW, how can single user connect from different IPs simultaneously? It's a
great breach for attacker, which could mask malicious activity. I cannot
imagine such use-case where
vnick wrote
> On Mon, Apr 9, 2018 at 11:15 AM, Steven Galante <
> steven.galante@
>> wrote:
> I don't think it has been implemented by anyone, yet, but should be very
> doable - it will require writing a custom Authentication Extension
> -Nick
Exactly. One need to write an extension. The
On Mon, Apr 9, 2018 at 12:13 PM, Tom Astle wrote:
> I'll add a "me too" for this. I'd also like to use the upcoming TOTP
> support with this so that if someone was coming from a certain subnet, say
> an RFC1918 private, they would not have to use the 2fa. Presently, we are
>
On Mon, Apr 9, 2018 at 11:15 AM, Steven Galante <
steven.gala...@stonybrook.edu> wrote:
> I understand this is counter intuitive to Guacamole's purpose. Though, I
> have use case were we would like to be able to restrict select connections
> for users by source IP. Has anyone come across this?
I'll add a "me too" for this. I'd also like to use the upcoming TOTP support
with this so that if someone was coming from a certain subnet, say an RFC1918
private, they would not have to use the 2fa. Presently, we are looking at using
Duo for this, which is really expensive in scale.
- On
I understand this is counter intuitive to Guacamole's purpose. Though, I
have use case were we would like to be able to restrict select connections
for users by source IP. Has anyone come across this? and if so, how did you
come over it?
Thanks,
Steve