On Fri, May 8, 2020 at 10:04 AM Neumen - Juan Prigoshin < [email protected]> wrote:
> I have 1 Guacamole up working without problems. I use TOTP for 2FA with > Google Authenticator. > I dont change nothing in guacamole.properties for TOTP. > Default values are used. The TOTP Works great. > > Yesterday, for testing, I have installed a VM Virtualbox, with another > Guacamole. > Same config. > > On first login, scan the QR with Google Authenticator. This use the same > name > "Apache Guacamole(guacadmin)", replacing the first one! > > I now lost Access for mi first Guacamole. > > Hmmmm...it sounds like the two guacamole instances are pointed at the same database, and maybe you cleared out the TOTP configuration in the DB for the guacadmin user, or overwrote part of the DB configuration? There's something odd going on there, anyway, because you should be able to do one of two things: - Point the Guacamole install at the same database, and log in with the same guacadmin credentials and TOTP configuration. - Point the Guacamole install at a completely separate database and reconfigure from scratch. > I know it's not a Guacamole problem per se, but would be nice adding a > serial?/instance?/aleatory? Number to Issuer Name in TOTP. > With this, never two Guacamole are going to have then same Issuer Name. > > If you're pointing at a different DB, this should never be an issue. If you're pointing at the same DB without removing the old TOTP configuration this also should not be an issue. That said, I could see a potential feature where there is support for multiple tokens per user - this is not necessarily an uncommon request, so it is something we could consider. But I don't think it's required for you to resolve the issue you're seeing. -Nick
