xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.


Changes between Version 7 and Version 8 of Authentication


Ignore:
Timestamp:
11/07/13 05:09:32 (8 years ago)
Author:
Antoine Martin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Authentication

    v7 v8  
    2020* [/browser/xpra/trunk/src/xpra/server/auth/allow_auth.py allow]: always allows the user to login - dangerous / only for testing
    2121* [/browser/xpra/trunk/src/xpra/server/auth/fail_auth.py fail]: always fails authentication - useful for testing
    22 * [/browser/xpra/trunk/src/xpra/server/auth/file_auth.py file]: looks up usernames and password in the password file (more on that below)
     22* [/browser/xpra/trunk/src/xpra/server/auth/file_auth.py file]: looks up usernames and password in the password file (see [/wiki/Authentication#PasswordFile below])
    2323* [/browser/xpra/trunk/src/xpra/server/auth/pam.py pam]: linux PAM authentication
    2424* [/browser/xpra/trunk/src/xpra/server/auth/win32_auth.py win32]: win32security authentication
     
    3838
    3939* the password is never sent in plain text over the wire, the authentication modes that require the password to be sent to the server unhashed ({{{sys}}}: {{{pam}}} and {{{win32}}}) will refuse to run without [/wiki/Encryption Encryption]
    40 * when used over TCP sockets, password authentication is vulnerable to man-in-the-middle attacks where an attacker could intercept the initial exchange and use the stolen authentication challenge to access the session, [/wiki/Encryption Encryption] prevents that
     40* when used over TCP sockets, password authentication is vulnerable to man-in-the-middle attacks where an attacker could intercept the initial exchange and use the stolen authentication challenge response to access the session, [/wiki/Encryption Encryption] prevents that
    4141* the client does not verify the authenticity of the server, [/wiki/Encryption Encryption] does
    4242}}}