Changes between Version 38 and Version 39 of Authentication

Timestamp:

03/24/18 11:54:43 (3 years ago)

Author:

Antoine Martin

Comment:

--

Authentication

@@ -50 +50 @@
 ||[/browser/xpra/trunk/src/xpra/server/auth/kerberos_ticket_auth.py kerberos-ticket]||Uses a kerberos ticket to authenticate a client||see ticket:1691#comment:4 || >=2.3||
 ||[/browser/xpra/trunk/src/xpra/server/auth/gss_auth.py gss]||Uses a GSS ticket to authenticate a client||see ticket:1691#comment:4 || >=2.3||
+||[/browser/xpra/trunk/src/xpra/server/auth/u2f_auth.py gss]||[https://en.wikipedia.org/wiki/Universal_2nd_Factor Universal 2nd Factor]||see #1789 || >=2.3||
 }}}
 
@@ -63 +64 @@
 * {{{xpra start --auth=password:value=mysecret}}}
 * {{{xpra start --auth=file:filename=/path/to/mypasswordfile.txt}}}
-* {{{xpra start --auth=multifile:filename=/path/to/userlist.txt}}}
+* {{{xpra start --auth=sqlite:filename=/path/to/userlist.sdb}}}
 
 Beware when mixing environment variables and password files as the latter may contain a trailing newline character whereas the former often do not.
@@ -91 +92 @@
 * Each authentication module specifies the type of password hashing it supports (usually [https://en.wikipedia.org/wiki/Hash-based_message_authentication_code HMAC])
 * The "sys" authentication modules (pam and win32) require the actual password to be sent across to perform the authentication on the server - they therefore use the weak "xor" hashing
-* You must use [/wiki/Encryption] to be able to use "xor" hashing so that the password is protected during the exchange: the system will refuse to send "xor" hashed password unencrypted
+* You must use [/wiki/Encryption] to be able to use "xor" hashing so that the password is protected during the exchange: the system will refuse to send a "xor" hashed password unencrypted
 * Encryption is processed before authentication