Good points Nick, appreciate the response.

I think your solution is probably good for *MOST* of our users, but I
liked guacamole as an option for a few reasons, which I'm making more
generic to show value for a wider audience:

1) root/admin users on targets could change their ssh/RDP logout timer --
but they can't change the guacamole connection settings.

2) Guacamole admins might not be admins on target machines, and incapable
of setting this maximum session duration, but still want/need to enforce a
kick-out/re-auth.

3) Can configure it per-target, without actually having admin access to the
target -- for instance, production systems can have a 1 hour idle timeout,
and development servers have none

4) Guacamole is a convenient one-place way to set and enforce this...
(basically a rehash of above):
- no need to ensure every target is built to the policy requirements...
which helps in semi-silo'ed organizations where there might be several
groups sharing a managed Guacamole
- no need to work with various departments on building machines and making
an enforcement mechanism... similar to the above item.

5) Many users here seem to use guacamole with on-demand resources, and
having an easy idle timer set by the DB/Connections area is probably a lot
easier for system admins to work with than re-writing UI code like the
"hack" put in place for GUAC-1126 in an attempt to stop idle sessions.

Just a few reasons why having this as a guacamole feature would be helpful!


On Wed, Jun 8, 2022, 4:27 PM Nick Couchman <vn...@apache.org> wrote:

> On Wed, Jun 8, 2022 at 11:16 AM Lee Doughty <l...@virginiacyberrange.org>
> wrote:
>
>> Lots of activity on the mailing list the last 2-3 weeks. Recent
>> discussions got me thinking (again) about a more specific/pointed feature
>> request that helps alleviate some issues that I think many of us Guacamole
>> administrators would like:
>>
>> I think it would be a nice feature to:
>> 1) Monitor for some kind of real-user-to-vm activity, and having the
>> connection disconnect if it sits idle for a configured period of time
>> 2) and/or: a feature to require the user to take an action to extend
>> their session after a configured amount of time
>>
>> This seems to also address some of the pushback and use cases mentioned
>> on https://issues.apache.org/jira/browse/GUACAMOLE-1126 -- where many of
>> us are trying to balance resources & costs, and user activity / action is
>> what determines if we have a user's VM loaded/online/existing.
>>
>> * Mark Nolan noted he spins up VMs on connection, and presumably then,
>> turns them off after some period when the user is not connected. This is
>> very similar to my use case.
>>
>> * Alexander Fischer noted that inactive users trigger reconnection, which
>> might be a cause of an issue for him... but would also likely be mitigated
>> if reconnection factored in the last time the user seems to have used
>> guacamole when deciding to try and reconnect.
>>
>> * Edgardo Rodriguez noted in his initial description of G-1126 that users
>> walk/tab away from Guacamole (also a pain point I feel regularly)... This
>> kind of feature would likely reduce the need for limiting retry attempts
>> (though I think _a_ limit on retry attempts is a nice feature on its own)
>>
>> Basically, identify when a user is not actually using the machine
>> anymore, and allow the guacamole server to go through the connection
>> close-out process. This saves on guacamole server resources, and can allow
>> those of us with hooks on connection states to perform our desired actions
>> (like freeing the target for a new user, shutting down the VM, etc.).
>>
>> This is obviously also a help for budgeting & resource management -- do I
>> really have 500 active guacamole sessions, or 300 active guacamole sessions
>> and 200 connections that are idle for 6+ hours, or days? Without snooping
>> on the sessions, or the target VMs, I'm not aware of an ability to extract
>> this information right now. If I could say I want sessions that are idle
>> for 3 hours to be closed out, I can at least be sure the connections have
>> seen activity in that time window.
>>
>> This doesn't exactly address what "activity" is, but I think it would be
>> safe to assume that automated re-connection is not user activity... we'd
>> probably want to see the mouse move in the guacamole tab, or a keypress.
>>
>> Would love to hear others' thoughts on this kind of feature.
>>
>>
> My biggest question, here, is why we would re-invent this wheel? For RDP,
> at least, and possibly for other protocols, the destination/remote system
> itself is able to detect when a user is active, and set either session or
> idle limits (or both) based on that user activity, and then take some sort
> of action (usually logging the user off) when the user is idle or their
> session limit has expired. And, while this is generally only logging the
> user off, and doesn't involve shutting the remote system down, I would
> think that the shut down of the remote system could be either triggered by
> lack of user login on the system (I suspect there are utilities already out
> there to do this), or by Guacamole (once the session actually ends, you
> could have an extension go power off the remote system).
>
> This avoids having to try to detect user activity within Guacamole itself,
> but gives you what I think you're looking for?
>
> Glad to see the discussion - just my initial thoughts, so let me know if
> that does not, for some reason, meet the need.
>
> -Nick
>
