On Fri, May 8, 2020, 9:25 PM Sven Specker <[email protected]> wrote:
> On > > Your setup with salsa: > > haproxy(auth)->guacamole-appserver(maybe cas/shib,mfa)->guacd > > So..3 factor authentication? /If/ you can pull that off with your users > and force them to use different passwords and disable sso, yes. That > would increase security. > That's the idea. We have used an older version of salsa in production for years and it has worked well. The support model suited the particular environment, for example where you have vendors who need to support legacy devices, and have internal staff hold their second factor. Thanks Dave
