On Monday, April 29, 2024 at 03:01:06 PM GMT+2, Nick Couchman <[email protected]> wrote: > > I think the closest thing to what you're looking for that is currently > supported in Guacamole is the "vault" extension, which supports > pulling tokens from a credential vault. The only vault currently supported is > Keeper Secrets Manager, > but support could certainly be extended to other types of vaults with some > code writing.
Thanks for that, but I was hoping not to store credentials in the cloud. In fact, I was wondering if the feature could be within Guacamole "core" (not even an extension). The credentials could be stored within the local guac DB (just like the user and connection data), and a relationship with the user ID could be set (guacamole_user.entity_id). Whenever a user tries to connect to a guac DB-defined connection/host the guacamole client could ask the user to pick any of its "credential sets" from the guac DB (or none for user input). I don't know if the "vault credential retrieval system" can be adapted to this simpler setup. Can the "vault" just be a table within guac DB? Vieri --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
