Mike Gabriel | 27 Nov 09:28 2013
Picon

Re: Preseeding Ubuntu remote-login-service.conf

Hi Kjetil,

On  Mi 27 Nov 2013 02:09:47 CET, Kjetil Fleten wrote:

> We are successfully using Mike's excellent guide to Unity Greeter with
> X2Go Remote Login Support.
> http://sunweavers.net/blog/unity-greeter-with-x2go-remote-login-support
> One of the things we want to do next, is to tweak the
> remote-login-service.conf so that username and password are passed to
> the UCCS-like WebUI of the X2Go Session Broker automaticly.
> I have tried add a line to the config file, but the syntax is obviously
> wrong:
>
> [Remote Login Service]
> Servers=MyUCCSTest
>
> [Server MyUCCSTest]
> Name=Remote Login
> URI=http://x2gobroker.localdomain:8080/uccs/inifile/
> echo <mypassword> | thin-client-config-agent <myuserid>
>
> I have also tried a lot of other variations over the above, with no success.
>
> This test works:
> $ SERVER_ROOT=http://x2gobroker.localdomain:8080/uccs/inifile/
> $ export SERVER_ROOT
> $ echo <mypassword> | thin-client-config-agent <myuserid>
>
> Can <mypassword> and <myuserid> be implemented in a similar way to the
> conf file ?
> Anyone that have a good tip ?

Do you (a) want to allow unauthenticated access to the X2Go Session  
Broker or do you (b) want to retrieve a password from the session  
broker and use that for X2Go session login?

(a) This should (in theory) be possible by simple setting  
,,check-credentials=False'' in x2gobroker.conf. However, I have just  
tested this and it does not work in the 0.0.3.0 preview of X2Go  
Session Broker. I currently providing a patch for this.

(b) the UCCS client implementation in remote-login-service supports  
plain text passwords being transmitted over the wire from UCCS server  
to remote-login-service. This password then will be filled into the  
login dialog of Unity Greeter.

As the storage and transmission of plain text passwords is something I  
do not like about the UCCS implementation, I did not implement it in  
X2Go Session Broker. This of course could be coded into the broker and  
then Remote Login authentication in Unity Greeter should be a bit  
smoother.

My preference for reducing password input would be (a). With my  
background information of your setup (broker is only reachable via  
VPN) this would be less critical and could be set up with less effort.

Greets,
Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@..., http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Hi Kjetil,

On  Mi 27 Nov 2013 02:09:47 CET, Kjetil Fleten wrote:

> We are successfully using Mike's excellent guide to Unity Greeter with
> X2Go Remote Login Support.
> http://sunweavers.net/blog/unity-greeter-with-x2go-remote-login-support
> One of the things we want to do next, is to tweak the
> remote-login-service.conf so that username and password are passed to
> the UCCS-like WebUI of the X2Go Session Broker automaticly.
> I have tried add a line to the config file, but the syntax is obviously
> wrong:
>
> [Remote Login Service]
> Servers=MyUCCSTest
>
> [Server MyUCCSTest]
> Name=Remote Login
> URI=http://x2gobroker.localdomain:8080/uccs/inifile/
> echo <mypassword> | thin-client-config-agent <myuserid>
>
> I have also tried a lot of other variations over the above, with no success.
>
> This test works:
> $ SERVER_ROOT=http://x2gobroker.localdomain:8080/uccs/inifile/
> $ export SERVER_ROOT
> $ echo <mypassword> | thin-client-config-agent <myuserid>
>
> Can <mypassword> and <myuserid> be implemented in a similar way to the
> conf file ?
> Anyone that have a good tip ?

Do you (a) want to allow unauthenticated access to the X2Go Session  
Broker or do you (b) want to retrieve a password from the session  
broker and use that for X2Go session login?

(a) This should (in theory) be possible by simple setting  
,,check-credentials=False'' in x2gobroker.conf. However, I have just  
tested this and it does not work in the 0.0.3.0 preview of X2Go  
Session Broker. I currently providing a patch for this.

(b) the UCCS client implementation in remote-login-service supports  
plain text passwords being transmitted over the wire from UCCS server  
to remote-login-service. This password then will be filled into the  
login dialog of Unity Greeter.

As the storage and transmission of plain text passwords is something I  
do not like about the UCCS implementation, I did not implement it in  
X2Go Session Broker. This of course could be coded into the broker and  
then Remote Login authentication in Unity Greeter should be a bit  
smoother.

My preference for reducing password input would be (a). With my  
background information of your setup (broker is only reachable via  
VPN) this would be less critical and could be set up with less effort.

Greets,
Mike

--

-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@..., http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

Gmane