On Mon, Aug 13, 2018, 09:21 Rhys Ferris <[email protected]> wrote:
> ... > > Last question: can I use md5 encoding on the connection password for a > connection like I can for the authorize password: > > <authorize > > username="Rhysers" > > password="<md5 hash>" > > encoding="md5"> > > ……. > No. Guacamole needs to be able to send the password to the RDP server, thus needs the password unhashed. If what you describe were possible, that'd be a pretty big vulnerability in Windows. ;) If you want to avoid storing the password, as long as you ensure that the password is the same for the RDP user and the Guacamole user (LDAP auth may be a good way to achieve this), then you can pass the password through using parameter tokens: http://guacamole.apache.org/doc/gug/configuring-guacamole.html#parameter-tokens - Mike
