Hello,
I'm sure I'm asking a silly question but where would be this Guacamole log file
where the login failed attempts are written?I tried but I don't see anything in
my /var/log/tomcat9/localhost_access_log.2022-01-04.txt or in
/var/log/tomcat9/localhost_access_log.2022-01-04.txt .
With a "systemctl status tomcat9" I can see some " WARN
o.a.g.r.auth.AuthenticationService - Authentication attempt from a.b.c.d for
user "zzzf" failed."
Thanks,Sam
Le mardi 4 janvier 2022, 10:23:09 UTC+1, Mike Jumper <[email protected]> a
écrit :
On Mon, Jan 3, 2022, 23:26 Vieri <[email protected]> wrote:
Hi,
I believe this question has already been asked, but I can't seem to find an
answer in the docs or mailing list archives.
My Guacamole login mechanism uses LDAP (AD server). Now, I could configure the
AD server to disable user accounts after 3 login attempts.
However, I'm wondering of Guacamole itself has a way to limit user login
attempts.
Not within Guacamole itself, but within the Guacamole server:
If you install fail2ban and configure it to recognize the invalid login
messages in the Guacamole logs, then brute-force login attempts are
automatically blocked at the firewall level.
- Mike
