Re: Configuring connections to use recording storage for docker version

[Nick Couchman]

On Fri, May 26, 2023 at 6:40 AM Golota S.V. 
wrote:

> after reading the manual many times, I came to the conclusion that there
> is no mention of recording-search-path in the docker-compose.yml file, but
> I did not find the syntax for entering it, I think that by default there is
> no place in the container for storing and indexing recording files. in some
> places it is mentioned that you need to enable EXTENSIONS:
> history-recording-storage and specify the path for storing
> recording-search-path: /var/lib/guacamole/recordings can you tell me how to
> do it right? attempting to display the file
> /home/guacamole/.guacamole/guacamole.properties from the container for
> editing did not work.
>

Yep, you are correct, the option for the recording storage path is not
available in the Docker startup script. Sorry we missed that earlier -
we'll need to put in a Jira ticket and change to add that option to the
startup.

Regarding the guacamole.properties file, most likely it is in
/etc/guacamole in the container, as that's the default GUACAMOLE_HOME
location.

-NIck

>

Re: Configuring connections to use recording storage for docker version

[Raj Burnwal]

Hey guys, I'm following this thread as I have to setup session recording on 
either docker or k8s setup. So, we need to mount /var/lib/guacamole/recordings 
directory on both guacd and guacamole container. How can we manage cross 
permissions on both containers? Documentation seems a bit vague.

Thanks,
Raj Burnwal

Get Outlook for Android

From: Nick Couchman 
Sent: Friday, May 26, 2023 5:53:02 PM
To: user@guacamole.apache.org 
Cc: Golota S.V. ; Michael Jumper 
Subject: Re: Configuring connections to use recording storage for docker version

On Fri, May 26, 2023 at 6:40 AM Golota S.V.  wrote:

after reading the manual many times, I came to the conclusion that there is no 
mention of recording-search-path in the docker-compose.yml file, but I did not 
find the syntax for entering it, I think that by default there is no place in 
the container for storing and indexing recording files. in some places it is 
mentioned that you need to enable EXTENSIONS: history-recording-storage and 
specify the path for storing recording-search-path: 
/var/lib/guacamole/recordings can you tell me how to do it right? attempting to 
display the file /home/guacamole/.guacamole/guacamole.properties from the 
container for editing did not work.

Yep, you are correct, the option for the recording storage path is not 
available in the Docker startup script. Sorry we missed that earlier - we'll 
need to put in a Jira ticket and change to add that option to the startup.

Regarding the guacamole.properties file, most likely it is in /etc/guacamole in 
the container, as that's the default GUACAMOLE_HOME location.

-NIck

CAUTION: This email was sent from an external source. This is not an Opcito 
User. Be cautious while downloading any attachments and clicking on links.
The content of this email is confidential and intended for the recipient 
specified in the message only. It is strictly forbidden to share any part of 
this message with any third party without the written consent of the sender. If 
you received this message by mistake, please reply to this message and follow 
with its deletion so that we can ensure such a mistake does not occur in the 
future.

Re: Configuring connections to use recording storage for docker version

[Golota S.V.]

guacamole.properties is located at: 
/home/guacamole/.guacamole/guacamole.properties and I can't mount it for 
editing and then saving.


26.05.2023 17:23, Nick Couchman пишет:
Yep, you are correct, the option for the recording storage path is not 
available in the Docker startup script. Sorry we missed that earlier - 
we'll need to put in a Jira ticket and change to add that option to 
the startup.


Regarding the guacamole.properties file, most likely it is in 
/etc/guacamole in the container, as that's the default GUACAMOLE_HOME 
location.


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Authentication using Private SSH Key

[Brad Turnbough]

Hi Everyone,

I'm trying to authenticate to a server using a username / private key / private 
key password.  I am able to authenticate to the host using this method manually 
(from the guacamole server command line).

I have the private key input into the connection settings, but I'm rejected 
when I enter the correct password for the key.  Can someone please assist?  It 
appears the key is able to be used / referenced, but the logs don't go into 
enough detail to provide enough info to resolve the issue.

The SSH Key in use information:
3072 SHA256:0fS/0MOfbjgjAIsaDb3myMQ3IbZqOSKacSpeQZdQu9ko user...@domainname.com 
(RSA)

GuacD logs:

root@qcy-guacamole-01:/var/lib/tomcat9/webapps/root/WEB-INF/classes# 
/usr/local/sbin/guacd -L debug -f
guacd[1264006]: INFO:   Guacamole proxy daemon (guacd) version 1.5.0 started
guacd[1264006]: DEBUG:  Successfully bound AF_INET socket to host 127.0.0.1, 
port 4822
guacd[1264006]: INFO:   Listening on host 127.0.0.1, port 4822
guacd[1264006]: INFO:   Creating new client for protocol "ssh"
guacd[1264006]: INFO:   Connection ID is "$bfca3e23-6443-4c6d-b4f2-921dc936b9e0"
guacd[1264009]: DEBUG:  Processing instruction: size
guacd[1264009]: DEBUG:  Processing instruction: audio
guacd[1264009]: DEBUG:  Processing instruction: video
guacd[1264009]: DEBUG:  Processing instruction: image
guacd[1264009]: DEBUG:  Processing instruction: timezone
guacd[1264009]: DEBUG:  Processing instruction: name
guacd[1264009]: DEBUG:  Parameter "scrollback" omitted. Using default value of 
1000.
guacd[1264009]: DEBUG:  Parameter "font-name" omitted. Using default value of 
"monospace".
guacd[1264009]: DEBUG:  Parameter "font-size" omitted. Using default value of 
12.
guacd[1264009]: DEBUG:  Parameter "color-scheme" omitted. Using default value 
of "".
guacd[1264009]: DEBUG:  Parameter "enable-sftp" omitted. Using default value of 
0.
guacd[1264009]: DEBUG:  Parameter "sftp-root-directory" omitted. Using default 
value of "/".
guacd[1264009]: DEBUG:  Parameter "sftp-disable-download" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "sftp-disable-upload" omitted. Using default 
value of 0.
guacd[1264009]: DEBUG:  Parameter "read-only" omitted. Using default value of 0.
guacd[1264009]: DEBUG:  Parameter "typescript-name" omitted. Using default 
value of "typescript".
guacd[1264009]: DEBUG:  Parameter "create-typescript-path" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "recording-name" omitted. Using default value 
of "recording".
guacd[1264009]: DEBUG:  Parameter "recording-exclude-output" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "recording-exclude-mouse" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "recording-include-keys" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "create-recording-path" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "server-alive-interval" omitted. Using 
default value of 0.
guacd[1264009]: DEBUG:  Parameter "backspace" omitted. Using default value of 
127.
guacd[1264009]: DEBUG:  Parameter "terminal-type" omitted. Using default value 
of "linux".
guacd[1264009]: DEBUG:  Parameter "timezone" omitted. Using default value of 
"America/Chicago".
guacd[1264009]: DEBUG:  Parameter "disable-copy" omitted. Using default value 
of 0.
guacd[1264009]: DEBUG:  Parameter "disable-paste" omitted. Using default value 
of 0.
guacd[1264009]: DEBUG:  Parameter "wol-send-packet" omitted. Using default 
value of 0.
guacd[1264009]: INFO:   User "@34acf123-d449-48e8-8c26-414f7b1ca8f6" joined 
connection "$bfca3e23-6443-4c6d-b4f2-921dc936b9e0" (1 users now present)
guacd[1264009]: DEBUG:  Client is using protocol version "VERSION_1_5_0"
guacd[1264009]: DEBUG:  Attempting private key import (WITHOUT passphrase)
guacd[1264009]: DEBUG:  Initial import failed: (null)
guacd[1264009]: DEBUG:  Re-attempting private key import (WITH passphrase)
guacd[1264009]: DEBUG:  Ignoring unknown keysym: 0xFFE2
guacd[1264009]: INFO:   Auth key successfully imported.
guacd[1264009]: DEBUG:  Successfully connected to host 10.200.14.106, port 22
guacd[1264009]: WARNING:No known host keys provided, host identity will 
not be verified.
guacd[1264009]: DEBUG:  Supported authentication methods: publickey,password
guacd[1264009]: ERROR:  Public key authentication failed: Unable to extract 
public key from private key.
guacd[1264009]: INFO:   User "@34acf123-d449-48e8-8c26-414f7b1ca8f6" 
disconnected (0 users remain)
guacd[1264009]: INFO:   Last user of connection 
"$bfca3e23-6443-4c6d-b4f2-921dc936b9e0" disconnected
guacd[1264009]: DEBUG:  Requesting termination of client...
guacd[1264009]: DEBUG:  Client terminated successfully.
guacd[1264006]: INFO:   Connection "$bfca3e23-6443-4c6d-b4f2-921dc936b9e0" 
removed.
guacd[1264006]: INFO:   Creating new client for protocol "ssh"
guacd[1264006]: INFO:   Connection ID is "$e04e8ed6-567a-405b-bc09-802b91fb691b"

Thank you,

Bra

RE: SSH Default Font / Size

[Brad Turnbough]

If someone was looking, on a Ubuntu 20.04 you can do the following:

Fc-list

/usr/share/fonts/truetype/dejavu/DejaVuSerif-Bold.ttf: DejaVu Serif:style=Bold
/usr/share/fonts/truetype/dejavu/DejaVuSansMono.ttf: DejaVu Sans Mono:style=Book
/usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-Oblique.ttf: DejaVu 
Sans,DejaVu Sans Condensed:style=Condensed Oblique,Oblique
/usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-BoldItalic.ttf: DejaVu 
Serif,DejaVu Serif Condensed:style=Condensed Bold Italic,Bold Italic
/usr/share/fonts/truetype/dejavu/DejaVuSans-ExtraLight.ttf: DejaVu Sans,DejaVu 
Sans Light:style=ExtraLight
/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf: DejaVu Sans:style=Book
/usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed.ttf: DejaVu Serif,DejaVu 
Serif Condensed:style=Condensed,Book
/usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-Italic.ttf: DejaVu 
Serif,DejaVu Serif Condensed:style=Condensed Italic,Italic
/usr/share/fonts/truetype/dejavu/DejaVuSerif-BoldItalic.ttf: DejaVu 
Serif:style=Bold Italic
/usr/share/fonts/truetype/dejavu/DejaVuSansMono-Oblique.ttf: DejaVu Sans 
Mono:style=Oblique
/usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-Bold.ttf: DejaVu 
Serif,DejaVu Serif Condensed:style=Condensed Bold,Bold
/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf: DejaVu Sans:style=Bold
/usr/share/fonts/truetype/dejavu/DejaVuSansMono-BoldOblique.ttf: DejaVu Sans 
Mono:style=Bold Oblique
/usr/share/fonts/truetype/dejavu/DejaVuMathTeXGyre.ttf: DejaVu Math TeX 
Gyre:style=Regular
/usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-BoldOblique.ttf: DejaVu 
Sans,DejaVu Sans Condensed:style=Condensed Bold Oblique,Bold Oblique
/usr/share/fonts/truetype/dejavu/DejaVuSansCondensed.ttf: DejaVu Sans,DejaVu 
Sans Condensed:style=Condensed,Book
/usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-Bold.ttf: DejaVu 
Sans,DejaVu Sans Condensed:style=Condensed Bold,Bold
/usr/share/fonts/truetype/dejavu/DejaVuSansMono-Bold.ttf: DejaVu Sans 
Mono:style=Bold
/usr/share/fonts/truetype/dejavu/DejaVuSans-Oblique.ttf: DejaVu 
Sans:style=Oblique
/usr/share/fonts/truetype/dejavu/DejaVuSerif-Italic.ttf: DejaVu 
Serif:style=Italic
/usr/share/fonts/truetype/dejavu/DejaVuSerif.ttf: DejaVu Serif:style=Book
/usr/share/fonts/truetype/dejavu/DejaVuSans-BoldOblique.ttf: DejaVu 
Sans:style=Bold Oblique

Examples:
"DejaVu Serif"
"DejaVu Sans Mono"
"DejaVu Serif"




Thank you,

Brad Turnbough
Senior Technology Analyst

[cid:Backlund-Investment-logo_20ce9d6e-04b9-4d73-9d17-cfc69decf4cc.gif]

P: 309.272.2739 F: 309.272.2839

www.betterbanks.com
www.statestreetbank.com

NOTICE: The information contained in this email and any document attached 
hereto is intended only for the named recipient(s). If you are not the intended 
recipient, nor the employee or agent responsible for delivering this message in 
confidence to the intended recipient(s), you are hereby notified that you have 
received this transmittal in error, and any review, dissemination, distribution 
or copying of this transmittal or its attachments is strictly prohibited. If 
you have received this transmittal and/or attachments in error, please notify 
me immediately by reply e-mail and then delete this message, including any 
attachments.


From: Brad Turnbough 
Sent: Monday, May 22, 2023 8:54 AM
To: user@guacamole.apache.org
Subject: SSH Default Font / Size

It appears that I can change the default text size and also font, but I don't 
know where to look to see my available list of fonts.  I am using Guac 1.5.0 on 
Ubuntu 20.04.The current text font / size does not show underscores 
correctly - they aren't visible for some reason or another.

Option to disable password change in GUI when using mysql auth extension

[Manuel Marín]

Hi Guacamole community.

I'm using radius as auth backend + mysql. Mysql is basically used to be
able to use the GUI for creating connections and assigning connections to
users, however, when I edit a user via the GUI, it asks for a password
which does not make any sense as the password that is used to allow access
to Guacamole is the radius one. I was wondering if there is a way to
disable password editing in the GUI.

Thank you!

--

Re: Option to disable password change in GUI when using mysql auth extension

[Nick Couchman]

On Fri, May 26, 2023 at 2:19 PM Manuel Marín  wrote:
>
> Hi Guacamole community.
>
> I'm using radius as auth backend + mysql. Mysql is basically used to be able 
> to use the GUI for creating connections and assigning connections to users, 
> however, when I edit a user via the GUI, it asks for a password which does 
> not make any sense as the password that is used to allow access to Guacamole 
> is the radius one. I was wondering if there is a way to disable password 
> editing in the GUI.

If you leave the password box blank, it will just set a
randomly-generated password of sufficient length/complexity that the
password will not be used.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: SSH Default Font / Size

[Nick Couchman]

Thanks for posting this solution back to the list, Brad!

-Nick

On Fri, May 26, 2023 at 2:03 PM Brad Turnbough <
bturnbo...@backlundinvestment.com> wrote:

> If someone was looking, on a Ubuntu 20.04 you can do the following:
>
>
>
> Fc-list
>
>
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerif-Bold.ttf: DejaVu
> Serif:style=Bold
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansMono.ttf: DejaVu Sans
> Mono:style=Book
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-Oblique.ttf: DejaVu
> Sans,DejaVu Sans Condensed:style=Condensed Oblique,Oblique
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-BoldItalic.ttf:
> DejaVu Serif,DejaVu Serif Condensed:style=Condensed Bold Italic,Bold Italic
>
> /usr/share/fonts/truetype/dejavu/DejaVuSans-ExtraLight.ttf: DejaVu
> Sans,DejaVu Sans Light:style=ExtraLight
>
> /usr/share/fonts/truetype/dejavu/DejaVuSans.ttf: DejaVu Sans:style=Book
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed.ttf: DejaVu
> Serif,DejaVu Serif Condensed:style=Condensed,Book
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-Italic.ttf: DejaVu
> Serif,DejaVu Serif Condensed:style=Condensed Italic,Italic
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerif-BoldItalic.ttf: DejaVu
> Serif:style=Bold Italic
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansMono-Oblique.ttf: DejaVu Sans
> Mono:style=Oblique
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerifCondensed-Bold.ttf: DejaVu
> Serif,DejaVu Serif Condensed:style=Condensed Bold,Bold
>
> /usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf: DejaVu
> Sans:style=Bold
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansMono-BoldOblique.ttf: DejaVu
> Sans Mono:style=Bold Oblique
>
> /usr/share/fonts/truetype/dejavu/DejaVuMathTeXGyre.ttf: DejaVu Math TeX
> Gyre:style=Regular
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-BoldOblique.ttf:
> DejaVu Sans,DejaVu Sans Condensed:style=Condensed Bold Oblique,Bold Oblique
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansCondensed.ttf: DejaVu
> Sans,DejaVu Sans Condensed:style=Condensed,Book
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansCondensed-Bold.ttf: DejaVu
> Sans,DejaVu Sans Condensed:style=Condensed Bold,Bold
>
> /usr/share/fonts/truetype/dejavu/DejaVuSansMono-Bold.ttf: DejaVu Sans
> Mono:style=Bold
>
> /usr/share/fonts/truetype/dejavu/DejaVuSans-Oblique.ttf: DejaVu
> Sans:style=Oblique
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerif-Italic.ttf: DejaVu
> Serif:style=Italic
>
> /usr/share/fonts/truetype/dejavu/DejaVuSerif.ttf: DejaVu Serif:style=Book
>
> /usr/share/fonts/truetype/dejavu/DejaVuSans-BoldOblique.ttf: DejaVu
> Sans:style=Bold Oblique
>
>
>
> Examples:
>
> “DejaVu Serif”
>
> “DejaVu Sans Mono”
>
> “DejaVu Serif”
>
>
>
>
>
>
>
> Thank you,
>
> *Brad Turnbough*
> Senior Technology Analyst
>
>
>
> P: 309.272.2739 F: 309.272.2839
>
> www.betterbanks.com
> www.statestreetbank.com
>
> NOTICE: The information contained in this email and any document attached
> hereto is intended only for the named recipient(s). If you are not the
> intended recipient, nor the employee or agent responsible for delivering
> this message in confidence to the intended recipient(s), you are hereby
> notified that you have received this transmittal in error, and any review,
> dissemination, distribution or copying of this transmittal or its
> attachments is strictly prohibited. If you have received this transmittal
> and/or attachments in error, please notify me immediately by reply e-mail
> and then delete this message, including any attachments.
>
>
>
> *From:* Brad Turnbough 
> *Sent:* Monday, May 22, 2023 8:54 AM
> *To:* user@guacamole.apache.org
> *Subject:* SSH Default Font / Size
>
>
>
> It appears that I can change the default text size and also font, but I
> don’t know where to look to see my available list of fonts.  I am using
> Guac 1.5.0 on Ubuntu 20.04.The current text font / size does not show
> underscores correctly – they aren’t visible for some reason or another.
>
>
>
>
>

Re: Authentication using Private SSH Key

[Nick Couchman]

>
>
> guacd[1264009]: INFO:   Auth key successfully imported.
>
> guacd[1264009]: DEBUG:  Successfully connected to host 10.200.14.106, port
> 22
>
> guacd[1264009]: WARNING:No known host keys provided, host identity
> will not be verified.
>
> guacd[1264009]: DEBUG:  Supported authentication methods:
> publickey,password
>
> guacd[1264009]: ERROR:  Public key authentication failed: Unable to
> extract public key from private key.
>
>
>
I suspect that this error means that the key is in a format that libssh2
doesn't actually support, despite being told earlier that it was
"successfully imported."

What format is your private key file in (OpenSSH, RSA, etc.)?

-Nick

Re: Option to disable password change in GUI when using mysql auth extension

[Manuel Marín]

Hi Nick

Thanks for your response. I tried the suggestion but if I leave the
password blank, I get the following error when trying to save the user.

'The provider password does not match'

I'm not sure if I have to change something in the guacamole.properties
file. I'm running version 1.5.1

[image: image.png]

On Fri, May 26, 2023 at 12:24 PM Nick Couchman  wrote:

> On Fri, May 26, 2023 at 2:19 PM Manuel Marín  wrote:
> >
> > Hi Guacamole community.
> >
> > I'm using radius as auth backend + mysql. Mysql is basically used to be
> able to use the GUI for creating connections and assigning connections to
> users, however, when I edit a user via the GUI, it asks for a password
> which does not make any sense as the password that is used to allow access
> to Guacamole is the radius one. I was wondering if there is a way to
> disable password editing in the GUI.
>
> If you leave the password box blank, it will just set a
> randomly-generated password of sufficient length/complexity that the
> password will not be used.
>
> -Nick
>
> -
> To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
> For additional commands, e-mail: user-h...@guacamole.apache.org
>
>

-- 

Manuel Marín
Engineering

m...@flo.net
US +1 915 217 2232
MX +52 656 215 0906
flo.net

Flō Networks was formerly known as Transtelco / Flō Networks era
anteriormente conocido como Transtelco.

CONFIDENTIALITY NOTICE: This message is intended only for the individual or
entity to whom it is addressed. If you are not the intended recipient you
are notified that disclosing, copying, distributing or taking any action in
reliance on the contents of this information is strictly prohibited.

AVISO DE CONFIDENCIALIDAD:Esta comunicación es sólo para el uso de la
persona o entidad a la que se dirige y puede contener información
privilegiada, confidencial y exenta de divulgación bajo la legislación
aplicable. Si no es el destinatario de esta información, se le notifica que
cualquier uso, difusión, distribución o copia de la comunicación está
estrictamente prohibido.

RE: Authentication using Private SSH Key

[Brad Turnbough]

I believe it’s “RSA”.

Private key filename:   id_rsa
Public key filename: id_rsa.pub

I think that’s what you’re looking for, yes?




Thank you,

Brad Turnbough
Senior Technology Analyst

[cid:Backlund-Investment-logo_20ce9d6e-04b9-4d73-9d17-cfc69decf4cc.gif]

P: 309.272.2739 F: 309.272.2839

www.betterbanks.com
www.statestreetbank.com

NOTICE: The information contained in this email and any document attached 
hereto is intended only for the named recipient(s). If you are not the intended 
recipient, nor the employee or agent responsible for delivering this message in 
confidence to the intended recipient(s), you are hereby notified that you have 
received this transmittal in error, and any review, dissemination, distribution 
or copying of this transmittal or its attachments is strictly prohibited. If 
you have received this transmittal and/or attachments in error, please notify 
me immediately by reply e-mail and then delete this message, including any 
attachments.


From: Nick Couchman 
Sent: Friday, May 26, 2023 1:27 PM
To: user@guacamole.apache.org
Subject: Re: Authentication using Private SSH Key


guacd[1264009]: INFO:   Auth key successfully imported.
guacd[1264009]: DEBUG:  Successfully connected to host 10.200.14.106, port 22
guacd[1264009]: WARNING:No known host keys provided, host identity will 
not be verified.
guacd[1264009]: DEBUG:  Supported authentication methods: publickey,password
guacd[1264009]: ERROR:  Public key authentication failed: Unable to extract 
public key from private key.


I suspect that this error means that the key is in a format that libssh2 
doesn't actually support, despite being told earlier that it was "successfully 
imported."

What format is your private key file in (OpenSSH, RSA, etc.)?

-Nick

Re: Authentication using Private SSH Key

[Nick Couchman]

On Fri, May 26, 2023 at 2:53 PM Brad Turnbough
 wrote:
>
> I believe it’s “RSA”.
>
>
>
> Private key filename:   id_rsa
>
> Public key filename: id_rsa.pub

Yeah, but if you look at the top of the private key file, you'll see
something like:

-BEGIN RSA PRIVATE KEY-

or

-BEGIN OPENSSH PRIVATE KEY-

Even if you generate a "RSA" key using later versions of OpenSSH
generate it in the OPENSSH format, not RSA. I cannot remember, off the
top of my head, if libssh2 (or guacd) supports that format/header.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

RE: Authentication using Private SSH Key

[Brad Turnbough]

The private key file has a header / footer of:

-BEGIN OPENSSH PRIVATE KEY-

-END OPENSSH PRIVATE KEY-




Thank you,

Brad Turnbough
Senior Technology Analyst

P: 309.272.2739 F: 309.272.2839

www.betterbanks.com
www.glasfordbank.com



NOTICE: The information contained in this email and any document attached 
hereto is intended only for the named recipient(s). If you are not the intended 
recipient, nor the employee or agent responsible for delivering this message in 
confidence to the intended recipient(s), you are hereby notified that you have 
received this transmittal in error, and any review, dissemination, distribution 
or copying of this transmittal or its attachments is strictly prohibited. If 
you have received this transmittal and/or attachments in error, please notify 
me immediately by reply e-mail and then delete this message, including any 
attachments.

www.statestreetbank.com-Original Message-
From: Nick Couchman 
Sent: Friday, May 26, 2023 2:10 PM
To: user@guacamole.apache.org
Subject: Re: Authentication using Private SSH Key

On Fri, May 26, 2023 at 2:53 PM Brad Turnbough 
 wrote:
>
> I believe it’s “RSA”.
>
>
>
> Private key filename:   id_rsa
>
> Public key filename: id_rsa.pub

Yeah, but if you look at the top of the private key file, you'll see something 
like:

-BEGIN RSA PRIVATE KEY-

or

-BEGIN OPENSSH PRIVATE KEY-

Even if you generate a "RSA" key using later versions of OpenSSH generate it in 
the OPENSSH format, not RSA. I cannot remember, off the top of my head, if 
libssh2 (or guacd) supports that format/header.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

[ANNOUNCE] Apache Guacamole 1.5.2 released

[Michael Jumper]

The Apache Guacamole community is proud to announce the release of 
Apache Guacamole 1.5.2.


Apache Guacamole is a clientless remote desktop gateway which supports 
standard protocols like VNC, RDP, and SSH. We call it "clientless" 
because no plugins or client software are required; once Guacamole is 
installed on a server, all you need to access your desktops is a web 
browser.


The 1.5.2 release is a bugfix release that addresses a number of 
miscellaneous issues, including issues with the Docker images, web 
application UI, and systems in FIPS mode.


A full list of the changes in this release, along with links to 
downloads and updated documentation, can be found in the release notes:


https://guacamole.apache.org/releases/1.5.2/

For more information on Apache Guacamole, please see:

https://guacamole.apache.org/

Thanks!

The Apache Guacamole Community

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org