Re: 2FA and sharing profile
Hi, Thanks for the info.I will give item1 a tryFor item 2, Got it but a passcode will still be beneficial so that the link will not be open for all on the wide internet. Best Regards,Don On Saturday, 5 February 2022, 01:04:38 am SGT, Hankins, Jonathan wrote: Re: #1 -- There are some tickets in JIRA about it, and it looks like it's being considered for a future version. See the workaround that one user is using here. https://issues.apache.org/jira/plugins/servlet/mobile#issue/GUACAMOLE-1164 Re: #2 -- I don't think this is possible in the current implementation. If you trust your users to follow protocol, you could have them share the links by something password protected/ephemeral, like Bitwarden Send or something similar. This won't help if you are worried about your users sharing via inappropriate channels. On Fri, Feb 4, 2022 at 9:31 AM Don Eugene Paul Viado wrote: Hello, Just wanted to ask if the below function is already possible or any workaround 1.) Mixing 2FA and Password only users - Currently, I have used the totp plugin but this seems to force all users to enroll token on the device. Is it possible to configure some user to not be presented with 2FA challenge and only use their passwords2.) Sharing profile - Very useful feature but i have concern with security as sharing the URL link goes to some unsecure method (chat, email) which will can be seen by someone else. Is it possible to password protect it so the link can be passed insecurely and the password to some other means Thanks in advance. -- Jonathan Hankins Homewood City Schools W: 205-877-4548 This e-mail is intended only for the recipient and may contain confidential or proprietary information. If you are not the intended recipient, the review, distribution, duplication or retention of this message and its attachments are prohibited. Please notify the sender of this error immediately by reply e-mail, and permanently delete this message and its attachments in any form in which they may have been preserved.
Re: 2FA and sharing profile
Re: #1 -- There are some tickets in JIRA about it, and it looks like it's being considered for a future version. See the workaround that one user is using here. https://issues.apache.org/jira/plugins/servlet/mobile#issue/GUACAMOLE-1164 Re: #2 -- I don't think this is possible in the current implementation. If you trust your users to follow protocol, you could have them share the links by something password protected/ephemeral, like Bitwarden Send or something similar. This won't help if you are worried about your users sharing via inappropriate channels. On Fri, Feb 4, 2022 at 9:31 AM Don Eugene Paul Viado wrote: > Hello, > > Just wanted to ask if the below function is already possible or any > workaround > > 1.) Mixing 2FA and Password only users - Currently, I have used the totp > plugin but this seems to force all users to enroll token on the device. Is > it possible to configure some user to not be presented with 2FA challenge > and only use their passwords > 2.) Sharing profile - Very useful feature but i have concern with security > as sharing the URL link goes to some unsecure method (chat, email) which > will can be seen by someone else. Is it possible to password protect it so > the link can be passed insecurely and the password to some other means > > Thanks in advance. > -- Jonathan Hankins Homewood City Schools W: 205-877-4548 -- This e-mail is intended only for the recipient and may contain confidential or proprietary information. If you are not the intended recipient, the review, distribution, duplication or retention of this message and its attachments are prohibited. Please notify the sender of this error immediately by reply e-mail, and permanently delete this message and its attachments in any form in which they may have been preserved.
2FA and sharing profile
Hello, Just wanted to ask if the below function is already possible or any workaround 1.) Mixing 2FA and Password only users - Currently, I have used the totp plugin but this seems to force all users to enroll token on the device. Is it possible to configure some user to not be presented with 2FA challenge and only use their passwords2.) Sharing profile - Very useful feature but i have concern with security as sharing the URL link goes to some unsecure method (chat, email) which will can be seen by someone else. Is it possible to password protect it so the link can be passed insecurely and the password to some other means Thanks in advance.
