You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Nick Couchman (JIRA)" <ji...@apache.org> on 2018/11/11 22:35:00 UTC

[jira] [Assigned] (GUACAMOLE-547) Add support for the "none" SSH authentication method

     [ https://issues.apache.org/jira/browse/GUACAMOLE-547?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nick Couchman reassigned GUACAMOLE-547:
---------------------------------------

    Assignee: Nick Couchman

> Add support for the "none" SSH authentication method
> ----------------------------------------------------
>
>                 Key: GUACAMOLE-547
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-547
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: SSH
>         Environment: Linux 4.13.0-1012-azure #15-Ubuntu SMP Thu Mar 8 10:47:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
>            Reporter: David Hauk
>            Assignee: Nick Couchman
>            Priority: Minor
>         Attachments: guacd_debug_fail.txt, openssh_verbose_successful connection.txt
>
>
> When connecting to embedded devices that implicitly allow SSH access guacd fails when the authentication method is (none).  The devices permit any SSH user with no password access to the console, and then provide authentication internally via their interactive shell.
> Test cases:
>  # no username and no password configured:  Guacamole requests both, then fails to connect.
>  # username but no password:  Guacamole requests password, and then fails to connect.
>  # username and password:  Guacamole asks for no input, and then fails to connect.
> I've attached guacd debug logs from the failed connection attempts, plus OpenSSH  (-vv) logs from a successful connection.  (Files have been suitably redacted).  The bit they share in common is they both state "Authentication (none)" but OpenSSH proceeds with the connection, while guacd terminates the connection:
> Guacd:
> {code:java}
> guacd[100079]: DEBUG: Successfully connected to host 192.168.233.20, port 22
> guacd[100079]: DEBUG: Supported authentication methods: (null)
> guacd[100066]: INFO: Connection "$abc52848-a11c-4397-a657-7c2d4bfdb5e9" removed.{code}
>  OpenSSH:
> {code:java}
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentication succeeded (none).
> Authenticated to 192.168.233.20 ([192.168.233.20]:22).
> debug1: channel 0: new [client-session]
> debug2: channel 0: send open
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)