Hi Markus,
On Mi 11 Sep 2013 16:58:34 CEST Markus Bräunig wrote:
Hello,
I am looking for a solution to provide secure authentication / mail
signing etc on a central place, so I researched the actual available
OS-Solutions for this task.I have a smart card reader built into the client which I want to use for:
- authentication at the Terminal Server
- "taking" my smart card with me to authenticate at further
destinations (connection is initiated at the Terminal Server).What I found out is, that the upcoming version of nx can do such a
thing and the commercial solutions offer also this functionality
(Windows only, Citrix, Oracle SDG …)Is it possible with x2go to forward the smart card (reader) to the
terminal server in a secure way to use it for further actions? If yes: What do I need for this?
I guess, we need to utilize the achievements of the USB/IP project [1]
for that. At the moment I have no resources to work on this for free
myself. However, you can contribute the first steps to the X2Go
project by testing USB/IP with X2Go.
[1] http://usbip.sourceforge.net/
My suggestion would be:
o start an X2Go session o provide USB/IP over a second SSH connection to the X2Go Server
The USB/IP provision has to be implementable completely in user space.
It is possible to promote a user with root privileges, but we should
avoid that.
If you could work on such a manual setup (as a research project) I
will be happy to work your results into the upstream X2Go code.
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...