guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Not Speedy <notspeed...@gmail.com>
Subject NLA with Radius/OTP authentication
Date Sat, 15 Dec 2018 20:05:02 GMT
Hi.
I noticed there is a way to pass the username/password through to NLA and
RDP connections to create a SSO like experience. It looks like I could use
the variables GUAC_USERNAME and  GUAC_PASSWORD. ( or something like that).

I'm using PrivacyIdea (fork of linotp) to handle my OTP requirements backed
by ldap.  So to signing, Id use username and password+OTP. Looking
something like this.  'john.doe' 'secret123456'

This would get passed to NLA/RDP as "secret123456", which will not work.
Most radius/otp solutions will allow you to add the OTP at the front or end
of the PIN (password).  Is there a way to pass this through while dropping
the OTP? Perhaps creating a configuration option that could drop the "front
or end by # character"?

Or is there a better option that I'm simply not aware of? If so, please let
me know.  If not, Id love to make a feature request!

-Thanks

Mime
View raw message