You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@guacamole.apache.org by Reinert Korsnes <re...@online.no> on 2018/10/20 05:54:36 UTC

Possible to log in (to a linux account) with only one user/password?

Hi,

I got my program experimentally available for others via guacamole and a 
linux user. One of the first questions I got was:

Is it possible to avoid the need of two pairs of user/password?

Is it?

To clarify: Now I need to provide two pairs of user/password: one pair 
to the "guacamole" front page and the other to the linux user.

What the users really want is to enter my program as directly as 
possible (and maybe not be "confronted" with the linux GUI).

reinert

Re: Possible to log in (to a linux account) with only one user/password?

Posted by Nick Couchman <vn...@apache.org>.

On Sat, Oct 20, 2018 at 1:54 AM Reinert Korsnes <re...@online.no>
wrote:

> Hi,
>
> I got my program experimentally available for others via guacamole and a
> linux user. One of the first questions I got was:
>
> Is it possible to avoid the need of two pairs of user/password?
>

The answer is: It depends.  In many situations, yes, it is possible to
avoid this - if your Linux login is the same as the login you use for
Guacamole, then you can use Parameter Tokens for the username and password
to automatically fill this information in:

http://guacamole.apache.org/doc/gug/configuring-guacamole.html#parameter-tokens

This works really well in situations where Guacmaole is using LDAP
authentication and is pointed at Active Directory, and you're accessing
Windows RDP sessions that are part of the same AD domain.  You can also use
it when Guacamole is pointed at an LDAP tree and your Linux systems are
pointed at the same LDAP tree (AD, OpenLDAP, etc.) and the
username/password for Guacamole will be the same as the target Linux server.

If the Linux host does not use the same authentication mechanism as the
Guacamole web interface, then you're going to have to have two sets of
prompts - one for Guacamole and one for the Linux login.  Also, depending
on the protocol you're using to access the Linux host, this may not be
possible - SSH and Telnet should work fine, or RDP (if you're using XRDP).
Because VNC uses a password only between Guacamole and the VNC server, it's
not really possible to automate the login portion past the VNC password.

Hopefully this all makes sense - feel free to reply if you have any other
questions.

-Nick