= Authentication =
[[BR]]

{{{#!div class="box"
== Introduction ==
The documentation here applies to version 0.11 and later. Older versions only support the "{{{--password-file}}}" authentication mode.

When using ssh to connect to a server, [/wiki/Encryption encryption] and authentication can be skipped.

Xpra's authentication modules can be useful for:
 * securing TCP sockets
 * making the unix domain socket accessible to other users safely
 * using the [/wiki/ProxyServer Proxy Server] mode
}}}

{{{#!div class="box"
== Modules ==
The authentication module used is specified using the "{{{--auth=MODULE}}}" switch. [[BR]]
Here are the modules that can be used:
 * [/browser/xpra/trunk/src/xpra/server/auth/allow_auth.py allow]: always allows the user to log in, the username used is the one supplied by the client - dangerous / only for testing
 * [/browser/xpra/trunk/src/xpra/server/auth/none_auth.py none]: always allows the user to log in, the username used is the one the server is running as - dangerous / only for testing (requires version 0.12 or later)
 * [/browser/xpra/trunk/src/xpra/server/auth/fail_auth.py fail]: always fails authentication, no password required - useful for testing
 * [/browser/xpra/trunk/src/xpra/server/auth/reject_auth.py reject]: always fails authentication, pretends to ask for a password - useful for testing
 * [/browser/xpra/trunk/src/xpra/server/auth/file_auth.py file]: looks up usernames and passwords in the password file (see [/wiki/Authentication#PasswordFile below])
 * [/browser/xpra/trunk/src/xpra/server/auth/pam.py pam]: Linux PAM authentication
 * [/browser/xpra/trunk/src/xpra/server/auth/win32_auth.py win32]: win32security authentication
 * {{{sys}}} is a virtual module which will choose win32 or pam
}}}

{{{#!div class="box"
== Password File ==
When used without the [/wiki/ProxyServer Proxy Server], the password file can contain a simple password in plain text. [[BR]]
See [/ProxyServer#FileAuthenticationExtras proxy server file authentication] for more advanced usage.
}}}

{{{#!div class="box"
== Security Considerations ==
 * the password is never sent in plain text over the wire: the authentication modes that require the password to be sent to the server unhashed ({{{sys}}}: {{{pam}}} and {{{win32}}}) will refuse to run without [/wiki/Encryption Encryption]
 * when used over TCP sockets, password authentication is vulnerable to man-in-the-middle attacks where an attacker could intercept the initial exchange and use the stolen authentication challenge response to access the session; [/wiki/Encryption Encryption] prevents that
 * the client does not verify the authenticity of the server; [/wiki/Encryption Encryption] does
}}}
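
A sketch of the challenge-response idea behind the first two security considerations above, added here as an example and not taken from xpra's code. HMAC-SHA256 and the names `ChallengeServer`, `client_response` and `demo` are assumptions, since the page does not state which digest or message layout xpra uses.

```python
import hashlib
import hmac
import os


class ChallengeServer:
    """Hypothetical server side: issues single-use random challenges."""

    def __init__(self, password: bytes):
        self._password = password
        self._pending = set()

    def new_challenge(self) -> bytes:
        salt = os.urandom(32)
        self._pending.add(salt)
        return salt

    def verify(self, salt: bytes, response: bytes) -> bool:
        # Consume the challenge on first use so a recorded
        # (salt, response) pair is useless on a later connection.
        if salt not in self._pending:
            return False
        self._pending.discard(salt)
        expected = hmac.new(self._password, salt, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def client_response(password: bytes, salt: bytes) -> bytes:
    # Only this keyed digest is transmitted, never the password itself.
    return hmac.new(password, salt, hashlib.sha256).digest()


def demo() -> dict:
    password = b"constructed-sample-password"  # constructed sample value
    server = ChallengeServer(password)

    salt = server.new_challenge()
    response = client_response(password, salt)
    results = {"password_on_wire": password in salt + response}
    results["legit"] = server.verify(salt, response)
    results["replay"] = server.verify(salt, response)  # challenge already used

    salt2 = server.new_challenge()
    results["stale_response"] = server.verify(salt2, response)

    salt3 = server.new_challenge()
    results["wrong_password"] = server.verify(salt3, client_response(b"guess", salt3))
    return results


if __name__ == "__main__":
    print(demo())
```

Nothing in `verify` binds a response to the connection that received the challenge, which is the gap the page says encryption closes on TCP sockets.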