Hi Mike,
you wrote:
doesn't Windows 7 have a password storage? Not that I'd know, though I am not exactly a Windows 7 expert (plus, Windows XP and Vista are still out there, too). I only remember seeing a password storage function when it comes to web site logins in Internet Explorer.
[SNIP]
Generic would also be a statement: this functionality is not supported for your OS. Which would be a NX/x2go-migration-blocker for those currently using the "store password" function of the NXclient.
Again, I don't mind if you're using ssh keyfiles instead of stored passwords (I could drop such a keyfile into the user's home directory and set it up in a way that it doesn't require a password). FWIW, you could offer to ship invisible dwarves that type the password on the user's keyboard and I wouldn't care. ;-) I just need *some* way to provide a one-click (or double-click, since we're talking Windows here) login.
The reason behind this is a mix of usability and security issues:
Usability: The user is already authenticated on the Windows machine or the Windows Domain. No one else has access to the particular configuration file, as it is stored in the user's home directory (for this concept, it doesn't matter if it's a NX config file with a plaintext password, or a passwordless ssh secret key for x2go). There is absolutely no need to ask the user for a password again.
Security: While it would be possible to connect the NX or x2go server to the Windows Domain using PAM, keeping the two "worlds" seperate is a security benefit, since in the unlikely event that the Linux box gets hacked, the Windows Domain is not exposed to the attacker.
Kind Regards, Stefan