= Authentication =

[[BR]]

{{{#!div class="box"
== Introduction ==
The documentation here applies to version 0.11 and later. Older versions only support the "{{{--password-file}}}" authentication mode.

When using ssh to connect to a server, [/wiki/Encryption encryption] and authentication can be skipped.

Xpra's authentication modules can be useful for:
* securing TCP sockets
* making the unix domain socket accessible to other users safely
* using the [/wiki/ProxyServer Proxy Server] mode
}}}

{{{#!div class="box"
== Modules ==
The authentication module used is specified using the "{{{--auth=MODULE}}}" switch.
[[BR]]
Here are the modules that can be used:
* [/browser/xpra/trunk/src/xpra/server/auth/allow_auth.py allow]: always allows the user to login, the username used is the one supplied by the client - dangerous / only for testing
* [/browser/xpra/trunk/src/xpra/server/auth/none_auth.py none]: always allows the user to login, the username used is the one the server is running as - dangerous / only for testing (requires version 0.12 or later)
* [/browser/xpra/trunk/src/xpra/server/auth/fail_auth.py fail]: always fails authentication, no password required - useful for testing
* [/browser/xpra/trunk/src/xpra/server/auth/reject_auth.py reject]: always fails authentication, pretends to ask for a password - useful for testing
* [/browser/xpra/trunk/src/xpra/server/auth/file_auth.py file]: looks up usernames and password in the password file (see [/wiki/Authentication#PasswordFile below])
* [/browser/xpra/trunk/src/xpra/server/auth/pam.py pam]: linux PAM authentication
* [/browser/xpra/trunk/src/xpra/server/auth/win32_auth.py win32]: win32security authentication
* {{{sys}}} is a virtual module which will choose win32 or pam
}}}

{{{#!div class="box"
== Password File ==

When used without the [/wiki/ProxyServer Proxy Server], the password file can contain a simple password in plain text.
[[BR]]
See [/ProxyServer#FileAuthenticationExtras proxy server file authentication] for more advanced usage.
}}}

{{{#!div class="box"
== Security Considerations ==

* the password is never sent in plain text over the wire, the authentication modes that require the password to be sent to the server unhashed ({{{sys}}}: {{{pam}}} and {{{win32}}}) will refuse to run without [/wiki/Encryption Encryption]
* when used over TCP sockets, password authentication is vulnerable to man-in-the-middle attacks where an attacker could intercept the initial exchange and use the stolen authentication challenge response to access the session, [/wiki/Encryption Encryption] prevents that
* the client does not verify the authenticity of the server, [/wiki/Encryption Encryption] does
}}}