Re: Using smart card on RDP host

[Владимир Куркин]

To clear things out - our local network is built on strict usage of smart cards. So that leaves me in position where i can`t just simply use logins.Right now it looks like:1. Create connection via RDP2. Connect to remote windows host3. In autentication screen i have login/password fields and bellow is a login option with placeholder for smart card which says: "Insert smart card"4. I`m trying to insert card in my current machine but obviously nothing happens and host doesn`t show any reactionI guess i need to dig in FreeRDP direction to find some workaround, am i right?  22.03.2023, 14:50, "Nick Couchman" :On Wed, Mar 22, 2023 at 3:42 AM Владимир Куркин  wrote: Hello there! Here is my case: i want to physically insert my smart card to machine, where i`am using guac web application, to authenticate on RDP host. But obviosly i get no result. Is there any way to forward USB ports to hosts? Especialy PKI USB keys. This is currently not implemented in Guacamole - very recently Mikeimplemented support for SSL authentication to Guacamole, but even withthat there is additional work that would need to be done to pass itthrough. The good news is that I don't think you actually have to passthrough the USB device to get this to work - I believe RDP, includingthe FreeRDP library, supports sending the certificate through withoutactually having to emulate the full USB device. That said, the workstill needs to be done to implement that.-Nick-To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.orgFor additional commands, e-mail: user-h...@guacamole.apache.org
-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

RE: VMRC protocol support?

[Aaron Meyer]

Nick, et'al,

Well the main one I use at work is the CMP (cloud management platform) from 
Morpheus. (https://morpheusdata.com/)
They have their own frontend and then when accessing your VM ('instances') via 
VMRC, VNC, RDP, SSH, etc they run through a guacd backend. There is a free 
license tier if you want to play with it... It's not immediately obvious how to 
sign up for that so here's a link to the 'Community Guide'. 
https://morpheusdata.com/wp-content/uploads/content/Morpheus-Data-Community-Guide-May-2020.pdf
 

I've done a little playing with the open source CMP, OpenNebula and their 
vCenter integration. Version 6.0 and their new Sunstone UI added support for 
VMRC (assuming guacd backed...) but I was playing with their pre-packaged 
appliance and couldn't get any console access to work. When I have time I may 
try installing it manually.  https://opennebula.io/ (Incidentally OpenNebula 
before the recent VMRC feature add did use VNC for VMware VM console, but the 
new VMRC access is supposed to supersede it.) They do note use of guacamole 
when noting this feature add on their blog, but as I haven't been able to get 
it to work myself I don't know if they're using guacd for VRMC or just 
RDP/VNC/SSH.

Here is there announcement blurb verbatim: 'There have been multitude of 
improvements in Sunstone: revamped VNC dialogs, asynchronous operation 
warnings, extra information for OneFlow services, NUMA placement for VMware 
VMs, etc. Additionally, a new FireEdge server is now shipped with OpenNebula, 
enabling new functionality in Sunstone—OpenNebula’s WebUI: auto refresh for VM 
and host states, VMRC console access for VMware VMs, Guacamole VNC/SSH and RDP, 
and more.'

As for VNC, I've seen some CMP that do use native VNC to ESXi for VM console, 
but those instructions always include opening up the ESXi firewall to permit 
that access which I'm adverse to... so if Morpheus or OpenNebula is using VNC 
there's some more flavor on it or brokering being orchestrated somehow to get 
the MKS ticket etc.

Case in point, the Apache CloudStack CMP does use VNC for VMware VM console and 
have instructions to increase ports and allow VNC through the host firewall in 
their ESXi setup guide and the above mentioned products do not have such 
instructions: 
http://docs.cloudstack.apache.org/en/4.18.0.0/installguide/hypervisor/vsphere.html?highlight=firewall#extend-port-range-for-cloudstack-console-proxy


In your service,
Aaron Meyer


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: VMRC protocol support?

[Alessandro Sironi]

I confirm that it use VNC, I have just use guacamole on aruba cloud to 
access one VM (aruba is an Italian ISP).


Alessandro

Il 23/03/2023 14:46, Nick Couchman ha scritto:

On Thu, Mar 23, 2023 at 9:22 AM Rasmus Haslund
 wrote:

I would LOVE to do the same. Aaron, can you name any examples of extensions 
that can do this?

Yes, knowing the names of the items that provide this would be
helpful. My assumption is that this is actually just using VNC to
access these consoles, but it'd be interesting to see if we could find
any specific documentation on that.

-NIck

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: VMRC protocol support?

[Nick Couchman]

On Thu, Mar 23, 2023 at 9:22 AM Rasmus Haslund
 wrote:
>
> I would LOVE to do the same. Aaron, can you name any examples of extensions 
> that can do this?

Yes, knowing the names of the items that provide this would be
helpful. My assumption is that this is actually just using VNC to
access these consoles, but it'd be interesting to see if we could find
any specific documentation on that.

-NIck

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: VMRC protocol support?

[Rasmus Haslund]

I would LOVE to do the same. Aaron, can you name any examples of extensions 
that can do this?

With best regards,
Rasmus Haslund
Principal Technologist & VMCT Program Manager | Veeam Software | Phone: +40 372 
821 972 | Twitter: @haslund

From: Aaron Meyer 
Reply to: "user@guacamole.apache.org" 
Date: Thursday, 23 March 2023 at 14.21
To: "user@guacamole.apache.org" 
Subject: VMRC protocol support?

I’ve seen a few commercial products that use guacd as a gateway for VMware VM 
console access using VMRC but I haven’t been able to find any documentation on 
how to utilize this.

Can someone please give me direction to documentations / examples on how to 
effect this – or is VMRC an example of a proprietary extension to the guacd 
project?

In your service,
Aaron Meyer

VMRC protocol support?

[Aaron Meyer]

I've seen a few commercial products that use guacd as a gateway for VMware
VM console access using VMRC but I haven't been able to find any
documentation on how to utilize this.

 

Can someone please give me direction to documentations / examples on how to
effect this - or is VMRC an example of a proprietary extension to the guacd
project?

 

In your service,

Aaron Meyer