guacamole-user mailing list archives

From Nikola Malešević <nikola.malese...@gmail.com>
Subject Re: security concerns
Date Thu, 03 Nov 2016 14:10:16 GMT
Hi Jean Louis,

If you are using database authentication, Guacamole user accounts'
passwords are stored encrypted with the SHA256 algorithm and with a different
salt every time, which makes it very secure (no rainbow table attacks, for
instance). Remote connection data, however, including usernames and
passwords, is stored unencrypted in the database.

If the attacker managed to get access to your database, he could read that
data BUT you should not worry about it if you read the answer to your
second question below.

Regarding your questions, I'll give you my advice. You should know that I
started using Guacamole a couple of months ago and I am by no means an expert.

> 1°) how about offering programmable access auth on different machines? or
> users? ( by calendar/hours )
This functionality I am looking for myself. You will notice my question
from a couple of days ago on this message board regarding developing an
extension to implement similar functionality.

> 2°) how about a personal child certificate each user would have to
> import in his browser to establish encrypted communication with guacamole?
> This certificate generated directly under guacamole of course ;-)
You seem to be asking to generate a certificate to access the Guacamole
interface from said Guacamole interface. That does not make too much sense,
really, because you would need to access it somehow in the first place, and
if you are able to do that, you are compromising the whole system. Or
perhaps I did not understand your intention.
If you are looking for a solution where an administrator would give away
certificates to clients, why not use a VPN solution where your server would
have a private network with clients and access would be allowed only with
SSH certificates? That would also solve your security concern from above,
because the IP addresses of clients would be inside a private network,
inaccessible from the outside world. That way, even if the attacker gets hold
of an RDP username/password, he has no means to access the client by that IP.

> 3°) how about a 2 auth process to access guacamole, with notification mail
> sent both to user and admin?
I have recently developed an extension for custom user authentication. Did
you consider developing an extension for that purpose? You could develop
something similar to match your needs, perhaps.

Hope that helps.

Regards,
Nikola

On 3 November 2016 at 12:04, jean louis Abegg <jean.louis.abegg.39@gmail.com> wrote:

> Hello and many thanks to the Guacamole development team, this tool is a
> great idea!
>
> I've some questions about the security of the tool.
>
> I've used the script of HERNAN, on CentOS 7. Fast, easy and
> straightforward!
>
> I've dumped the MariaDB database. What if a hacker could access the DB, he
> could grasp any machines declared in the DB?
>
> I've seen that the users (guacadmin and others) have their pw encrypted.
> A good point, I think.
>
> However, I've also seen that the passwords used for the connections on
> the machines (RDP, VNC...) are unencrypted...
>
> I know, for having this information, I've had to dump the
> database... hackers probably won't have this attack surface...?
>
> If I plan to use Guacamole for "webalising" some apps or RD on the
> web... am I nuts? Has anyone tried to hack Guacamole? (Of course, leaving
> only HTTPS access.)
>
> And that makes me ask 3 other questions...
>
> 1°) How about offering programmable access auth on different machines? Or
> users? (By calendar/hours)
> 2°) How about a personal child certificate each user would have to
> import in his browser to establish encrypted communication with Guacamole?
> This certificate generated directly under Guacamole of course ;-)
> 3°) How about a 2 auth process to access Guacamole, with notification mail
> sent both to user and admin?
>
> Well, whatever, many thanks again for all the Guacamole community.
>
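The two storage properties Nikola describes (salted SHA-256 for user passwords, clear-text connection credentials next to them), as an added Python illustration that is neither part of this thread nor Guacamole's own code. It assumes the JDBC module hashes the UTF-8 password followed by the uppercase hex of a random 32-byte salt (the order used by its default SQL schema); the table and column names are from that schema, and the connection rows are constructed samples.

```python
import hashlib
import hmac
import secrets

# Added example, not Guacamole project code. Assumed hash input (not stated in
# the thread): password bytes || uppercase hex of a random 32-byte salt.
SALT_BYTES = 32


def hash_password(password: str, salt: bytes) -> bytes:
    """SHA-256(password || HEX(salt)): the 32 raw bytes kept in password_hash."""
    material = password.encode("utf-8") + salt.hex().upper().encode("ascii")
    return hashlib.sha256(material).digest()


def create_user_record(password: str) -> dict:
    """Build a guacamole_user-style record with a fresh random salt."""
    salt = secrets.token_bytes(SALT_BYTES)
    return {"password_salt": salt, "password_hash": hash_password(password, salt)}


def verify_password(record: dict, candidate: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    expected = hash_password(candidate, record["password_salt"])
    return hmac.compare_digest(expected, record["password_hash"])


def salted_hashes_differ(password: str) -> bool:
    """Same password, two users: hashes differ (one precomputed table cannot
    cover both), yet each record still verifies against its own salt."""
    a, b = create_user_record(password), create_user_record(password)
    return (a["password_hash"] != b["password_hash"]
            and verify_password(a, password) and verify_password(b, password))


# Constructed rows in the shape of guacamole_connection_parameter: the RDP
# password sits in clear text beside the hostname, which is Nikola's second point.
CONNECTION_PARAMETERS = [
    {"connection_id": 1, "parameter_name": "hostname", "parameter_value": "10.0.0.5"},
    {"connection_id": 1, "parameter_name": "username", "parameter_value": "rdpuser"},
    {"connection_id": 1, "parameter_name": "password", "parameter_value": "Rdp-Secret-1"},
]


def plaintext_secret_parameters(rows: list) -> list:
    """Audit helper: (connection_id, parameter_name) pairs holding clear-text secrets."""
    return [(r["connection_id"], r["parameter_name"])
            for r in rows if r["parameter_name"] == "password"]
```

A database dump therefore exposes connection passwords directly, while user passwords only as per-user salted hashes; the audit helper shows which rows a defender should treat as secrets when protecting or rotating the database.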
