Changes between Version 38 and Version 39 of Authentication
- Timestamp:
- 03/24/18 11:54:43 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Authentication
v38 v39 50 50 ||[/browser/xpra/trunk/src/xpra/server/auth/kerberos_ticket_auth.py kerberos-ticket]||Uses a kerberos ticket to authenticate a client||see ticket:1691#comment:4 || >=2.3|| 51 51 ||[/browser/xpra/trunk/src/xpra/server/auth/gss_auth.py gss]||Uses a GSS ticket to authenticate a client||see ticket:1691#comment:4 || >=2.3|| 52 ||[/browser/xpra/trunk/src/xpra/server/auth/u2f_auth.py gss]||[https://en.wikipedia.org/wiki/Universal_2nd_Factor Universal 2nd Factor]||see #1789 || >=2.3|| 52 53 }}} 53 54 … … 63 64 * {{{xpra start --auth=password:value=mysecret}}} 64 65 * {{{xpra start --auth=file:filename=/path/to/mypasswordfile.txt}}} 65 * {{{xpra start --auth= multifile:filename=/path/to/userlist.txt}}}66 * {{{xpra start --auth=sqlite:filename=/path/to/userlist.sdb}}} 66 67 67 68 Beware when mixing environment variables and password files as the latter may contain a trailing newline character whereas the former often do not. … … 91 92 * Each authentication module specifies the type of password hashing it supports (usually [https://en.wikipedia.org/wiki/Hash-based_message_authentication_code HMAC]) 92 93 * The "sys" authentication modules (pam and win32) require the actual password to be sent across to perform the authentication on the server - they therefore use the weak "xor" hashing 93 * You must use [/wiki/Encryption] to be able to use "xor" hashing so that the password is protected during the exchange: the system will refuse to send "xor" hashed password unencrypted94 * You must use [/wiki/Encryption] to be able to use "xor" hashing so that the password is protected during the exchange: the system will refuse to send a "xor" hashed password unencrypted 94 95 * Encryption is processed before authentication 95 96