guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: Using Public/Private key based authenication with LDAP
Date Thu, 15 Nov 2018 11:41:19 GMT
On Thu, Nov 15, 2018 at 5:33 AM Daniel Storey <
daniel.storey@rededucation.com> wrote:

> Hi Guys,
>
>
> I'm wondering if I can set up ssh key authentication by storing the
> private keys in LDAP for guacamole? With a parameter type of
> guacConfigParameter, what keyword would I use to describe it?
>

Yes, you can do this, though I'd caution you to be very careful and make
sure that the permissions on the objects in your LDAP directory that have
the private keys are very locked down.  Basically only the users who are
going to run the connection should have any access to that Guacamole
connection object.


>
> Here's an excerpt from the LDIF file I'm using to create the object inside
> the LDAP directory:
>
>
> guacConfigParameter: hostname=172.30.7.117
>
> guacConfigParameter: port=22
>
> guacConfigParameter: username=admin
>
> guacConfigProtocol: ssh
>
>
See:
http://guacamole.apache.org/doc/gug/configuring-guacamole.html#ssh

Basically, any of the parameters on that page can be put into the
configuration, so you can use the "private-key" parameter as well as the
"passphrase" parameter (if required).

-Nick

>

Mime
View raw message