Posted to user@guacamole.apache.org by smoke <ni...@wikieye.com> on 2018/07/12 08:07:39 UTC

Plaintext passwords in guacamole.properties

Hello!

I am a little put off by the unhashed password in ldap-search-bind-password
(guacamole.properties). Is there a way to use the hash instead of the
visible pass? The same thing goes for the postgresql-password.

I searched for a solution to this problem to no avail.

Thank you!



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: Plaintext passwords in guacamole.properties

Posted by Mike Jumper <mi...@glyptodon.org>.
On Thu, Jul 12, 2018 at 9:36 AM, Erik Berndt
<er...@superiorpaving.net> wrote:
>>Your best option is to set filesystem permissions appropriately such that
>> only Guacamole can read guacamole.properties.
>
> I had a similar thought a few months ago and this is your best bet. Yes,
> the password is stored in plain text on a publicly available server, but
> it's not being transmitted externally, so locking it down should be
> sufficient. We use smtp relay on a couple of servers and have the config
> files storing the credentials set to 644. I just checked and
> guacamole.properties is set to 604, which from what I can recall was the
> most restrictive mode without the service becoming inaccessible.
>

In general, I'd recommend creating a group specific to Guacamole (like
"guacamole"), adding the Tomcat user to that group, and ensuring
guacamole.properties is owned by "root:guacamole" with 640 permissions
(read/write for root, read-only to guacamole, unreadable to all
others). That should lock things down nicely.

- Mike
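The permission scheme Mike lays out above (a dedicated "guacamole" group, the Tomcat user in it, guacamole.properties owned by root:guacamole at 640), written out as an added shell example. This is not code from the thread or from the Guacamole project. It assumes GUACAMOLE_HOME is /etc/guacamole and that Tomcat runs as the "tomcat" account; both differ between distributions (Debian-family packages use names like tomcat9), so override them through the environment if yours do. The audit function deliberately rejects 644 and Erik's 604, since both leave the file readable by every local account.

```sh
#!/bin/sh
# Added example, not part of the mailing-list thread or the Guacamole project.
# Applies and audits: guacamole.properties owned root:guacamole, mode 640, with
# the Tomcat service user a member of the "guacamole" group.
# Assumptions (override via environment): GUACAMOLE_HOME=/etc/guacamole,
# Tomcat service user "tomcat", group name "guacamole".

PROPS="${GUACAMOLE_HOME:-/etc/guacamole}/guacamole.properties"
GROUP="${GUAC_GROUP:-guacamole}"
TOMCAT_USER="${TOMCAT_USER:-tomcat}"

# Hardening step (needs root). Tomcat only sees the new group membership after
# a restart, so restart the service once this has run.
harden_props() {
    file="$1"; group="$2"; svc_user="$3"
    getent group "$group" >/dev/null 2>&1 || groupadd --system "$group"
    usermod -aG "$group" "$svc_user"
    chown "root:$group" "$file"
    chmod 0640 "$file"
}

# Permission bits as exactly three octal digits: GNU stat first, BSD stat as
# the fallback; a leading setuid/setgid/sticky digit is dropped.
perm_mode() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || mode=$(stat -f '%Lp' "$1") || return 2
    mode=$(printf '%s' "$mode" | sed 's/^.*\(...\)$/\1/')
    while [ ${#mode} -lt 3 ]; do mode="0$mode"; done
    printf '%s\n' "$mode"
}

# Audit step: succeed only when "others" have no access at all and the group
# has at most read. Accepts 640 and 600; rejects 644, 604 and anything
# group-writable.
check_props() {
    mode=$(perm_mode "$1") || return 2
    group_bits=$(printf '%s' "$mode" | cut -c2)
    other_bits=$(printf '%s' "$mode" | cut -c3)
    [ "$other_bits" = "0" ] || return 1
    case "$group_bits" in
        0|4) return 0 ;;
        *)   return 1 ;;
    esac
}

# Stand-alone use: run with --apply as root to fix, without arguments to audit.
if [ "${1:-}" = "--apply" ]; then
    harden_props "$PROPS" "$GROUP" "$TOMCAT_USER"
fi
if [ -e "$PROPS" ]; then
    if check_props "$PROPS"; then
        echo "OK: $PROPS is mode $(perm_mode "$PROPS")"
    else
        echo "WARN: $PROPS is mode $(perm_mode "$PROPS"); expected 640 owned by root:$GROUP"
    fi
fi
```

Filesystem permissions only stop other local accounts from reading the file; anyone who is root, who can run code as the Tomcat user, or who can read backups or container images that include GUACAMOLE_HOME still gets the raw bind and database passwords, so scope those LDAP and PostgreSQL accounts to the minimum rights Guacamole needs.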

Re: Plaintext passwords in guacamole.properties

Posted by Erik Berndt <er...@superiorpaving.net>.
> Your best option is to set filesystem permissions appropriately such that
> only Guacamole can read guacamole.properties.

I had a similar thought a few months ago and this is your best bet. Yes,
the password is stored in plain text on a publicly available server, but
it's not being transmitted externally, so locking it down should be
sufficient. We use smtp relay on a couple of servers and have the config
files storing the credentials set to 644. I just checked and
guacamole.properties is set to 604, which from what I can recall was the
most restrictive mode without the service becoming inaccessible.

Erik Berndt / Systems Administrator
5551 Wellington Rd, Gainesville, VA 20155
703.631.0004 x520 (Phone) / 703.257.1725 (Fax)
http://www.superiorpaving.net

Need to open an IT support ticket?
http://FixIT.superiorpaving.net/portal or FixIT@superiorpaving.net

On Thu, Jul 12, 2018 at 4:19 AM, Mike Jumper <mi...@guac-dev.org>
wrote:

> On Thu, Jul 12, 2018, 01:07 smoke <ni...@wikieye.com> wrote:
>
>>     Hello!
>>
>> I am a little put off by the unhashed password in
>> ldap-search-bind-password
>> (guacamole.properties). Is there a way to use the hash instead of the
>> visible pass? The same thing goes for the postgresql-password.
>>
>
> No - they're not that kind of password.
>
> Hashing only makes sense for passwords which will be verified by Guacamole
> - passwords which Guacamole does not need to know verbatim. In this case,
> those passwords must be sent by Guacamole to the LDAP or PostgreSQL server
> to authenticate, thus it must have the actual raw password, not a hash.
>
> Your best option is to set filesystem permissions appropriately such that
> only Guacamole can read guacamole.properties.
>
> - Mike
>
>


Re: Plaintext passwords in guacamole.properties

Posted by Mike Jumper <mi...@guac-dev.org>.
On Thu, Jul 12, 2018, 01:07 smoke <ni...@wikieye.com> wrote:

>     Hello!
>
> I am a little put off by the unhashed password in ldap-search-bind-password
> (guacamole.properties). Is there a way to use the hash instead of the
> visible pass? The same thing goes for the postgresql-password.
>

No - they're not that kind of password.

Hashing only makes sense for passwords which will be verified by Guacamole
- passwords which Guacamole does not need to know verbatim. In this case,
those passwords must be sent by Guacamole to the LDAP or PostgreSQL server
to authenticate, thus it must have the actual raw password, not a hash.

Your best option is to set filesystem permissions appropriately such that
only Guacamole can read guacamole.properties.

- Mike