[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce

wiki-admin at x2go.org wiki-admin at x2go.org
Thu Dec 7 16:27:26 CET 2017


A page in your DokuWiki was added or changed. Here are the details:

Date        : 2017/12/07 15:27
Browser     : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.6.2
IP-Address  : 134.3.37.90
Hostname    : HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de
Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1512659666
New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce
Edit Summary: [List of open ToDos/FIXMEs for this page] updated entry regarding ssh secret key handling
User        : stefanbaur

@@ -1059,21 +1059,26 @@
  
  FIXME To be checked: Does the live-config "builtin" command ''live-config.nottyautologin'' do the same as our ''nouser'' command? If yes, ''nouser'' could be removed. Note that ''live-config.nottyautologin'' **might** mean "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want.  We need a solution to entirely block user
logons.
  
  FIXME autodetection for SSH Private Keys might need some more bells and whistles.
- For USB media, this may require adding an automounter.
-   * how about a script that patches the sessions file to enable autologin for all sessions when keys have been found?
-   * 2800-x2go-thinclientconfig needs to be changed so it uses the keyfile(s) when in broker mode (''--broker-ssh-key'')
-   * directory scan 
-     * should we abort on first match?
-   * how do we treat multiple keys?
-     * no keys on USB and exactly one key on disk -> use key
-     * exactly one key on USB -> takes precedence over key/keys found on disk? Or present chooser based on gxmessage?
-     * multiple keys -> Present chooser based on gxmessage?
-   * problem with gxmessage as chooser is that it can only display 6 buttons on 640x480 (Which we should assume as minimum screen size)
-     * 4 key choices, back, next?
-   * oooooor we might just load all keys into ssh-agent and let it figure out which one it
needs?
-     * next problem: How do we prompt for passwords of such keys?
+ <del>For USB media, this may require adding an automounter.</del>
+   * <del>how about a script that patches the sessions file to enable autologin for all sessions when keys have been found?</del>
+   * <del>2800-x2go-thinclientconfig needs to be changed so it uses the keyfile(s) when in broker mode (''--broker-ssh-key'')</del>
+   * <del>directory scan </del>
+     * <del>should we abort on first match?</del>
+   * <del>how do we treat multiple keys?</del>
+     * <del>no keys on USB and exactly one key on disk -> use key</del>
+     * <del>exactly one key on USB -> takes precedence over key/keys found on disk? Or present chooser based on gxmessage?</del>
+     * <del>multiple keys -> Present chooser based on gxmessage?</del>
+   * <del>problem with gxmessage as chooser is that it can only display 6 buttons on 640x480 (Which we should assume as minimum screen size)</del>
+     * <del>4 key choices, back,
next?</del>
+   * <del>oooooor we might just load all keys into ssh-agent and let it figure out which one it needs?</del>
+     * <del>next problem: How do we prompt for passwords of such keys?</del>
+   * Situation: We have a working automounter, and ''copysecring'' will copy all keys found to the live-user's homedir under .ssh:
+     * If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work.
+     * To specify a keyfile, either:
+       * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or
+       * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' as keyfile path/name
  
  FIXME 2200-xserver-xorg-getxorgconf should be taught to understand file:<nowiki>//</nowiki> URLs.
  
  FIXME Parsing the output of e.g. <code>udevadm info --query path
/dev/sdb


-- 
This mail was generated by DokuWiki at
https://wiki.x2go.org/



More information about the x2go-commits mailing list