[X2Go-User] Smart Card Forwarding
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Thu Sep 12 08:50:54 CEST 2013
Hi Markus,
On Mi 11 Sep 2013 16:58:34 CEST Markus Bräunig wrote:
> Hello,
>
> I am looking for a solution to provide secure authentication / mail
> signing etc on a central place, so I researched the actual available
> OS-Solutions for this task.
>
> I have a smart card reader built into the client which I want to use for:
> - authentication at the Terminal Server
> - "taking" my smart card with me to authenticate at further
> destinations (connection is initiated at the Terminal Server).
>
> What I found out is, that the upcoming version of nx can do such a
> thing and the commercial solutions offer also this functionality
> (Windows only, Citrix, Oracle SDG …)
>
> Is it possible with x2go to forward the smart card (reader) to the
> terminal server in a secure way to use it for further actions?
> If yes: What do I need for this?
I guess, we need to utilize the achievements of the USB/IP project [1]
for that. At the moment I have no resources to work on this for free
myself. However, you can contribute the first steps to the X2Go
project by testing USB/IP with X2Go.
[1] http://usbip.sourceforge.net/
My suggestion would be:
o start an X2Go session
o provide USB/IP over a second SSH connection to the X2Go Server
The USB/IP provision has to be implementable completely in user space.
It is possible to promote a user with root privileges, but we should
avoid that.
If you could work on such a manual setup (as a research project) I
will be happy to work your results into the upstream X2Go code.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20130912/98d6d3fb/attachment.pgp>
More information about the x2go-user
mailing list