subject:"otp auth can't scan qr code"

Re: otp auth can't scan qr code

2023-10-09 Thread Antoine Besnier

 That's most peculiar. Generation of QR Code is done by the package 
com.google.zxing.qrcode, Zxing being the most popular project for barcode 
generation, so the issue is most likely not there.
Have you tried to use online decoders to see if they can read your QR codes, 
and that it matches the keys and options? I tried with the sample you posted 
originally, and it worked fine.
Stupid question: have you tried adding a new user on your current instance, and 
see if the qr codes work?

And probably the most stupid question ever: are you sure your monitor is 
working properly, and that the camera of the devices you try to read the codes 
on are not damaged? Damaged enough to make the error correction of the codes 
fail.
For easy use of extensions with Docker, there are plenty of unofficial images 
where you just have to list the extensions you want in the docker-compose.With 
the official image, you'll need to mount a local directory, and then place the 
extensions in the appropriate place. See the documentation: Installing 
Guacamole with Docker — Apache Guacamole Manual v1.5.3. Extensions will go in 
the GUACAMOLE_HOME/extensions/ directory and guacamole.properties will be in 
GUACAMOLE_HOME
Cheers
Antoine 
Le vendredi 6 octobre 2023 à 08:49:22 UTC+2, Giacomo Marconi 
 a écrit :  

 Hi Antoine

I have the same problem with defaults parameters (sha1)
The problem is only while scanning, if I copy and paste the secret key manually 
in the apps, ALL apps are working.

I am actually testing Guacamole 1.5.3 on 2 systems with the same problem:
Ubuntu 22.0.4 host install from official docs
Debian 12 using the script https://github.com/itiligent/Guacamole-Install
I am also trying it on Alpine with docker, but I don’t understand how to right 
popolate the guacamole.properties with docker-compose (especially extensions).
Next step is to test with Tomcat8.    

The production system (1.1.0) has been working since 2020 with about 500 users.
I can’t  migrate to the new and force people to use differents totp apps or 
telling them to copy 56 chars :)

Giacomo

> On 5 Oct 2023, at 16:44, Antoine Besnier  
> wrote:
> 
> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
> cui ti fidi.
> Many TOTP code generation apps do not support anything else than SHA1 hash, 
> even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).
> It is difficult to get the exact info by platform and by application. I found 
> this article on the subject but it does not say what kind of non-default 
> parameter makes an application fail: Laban Sköllermark | Mobile Authenticator 
> Apps Algorithm Support Review - 2023 Edition (labanskoller.se)
> 
> For example, I could scan your code with Authy, MS Authenticator and Google 
> Authenticator on Android. Authy and MSA generated the same code, but not 
> Google. I do not know which one is correct (I could test on my Guacamole but 
> do not want to get locked out...)
> 
> If you want maximum compatibility, stay with sha1. The expiration of the time 
> based codes more than compensates for the "lower" security of sha1.
> 
> Cheers
> Antoine
> 
> (PS: if you see some connection attempts from France, blame me, I could not 
> resist giving it try...)
> 
> Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi 
>  a écrit :
> 
> 
> hi Nick
> 
> I’ve already tried default settings, and checked the time/date
> 
> Giacomo
> 
>> On 5 Oct 2023, at 14:38, Nick Couchman  wrote:
>> 
>> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
>> cui ti fidi.
>> On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  
>> wrote:
>> Hi All
>> 
>> in my last Guacamole installation ver 1.5.3), the QR Code generated seems to 
>> be wrong.
>> The same TOTP App works only on one platform, for example Google 
>> Authenticator read the qr code in Android, but not in IOS. FreeOTP is 
>> working in IOS, but not in Android!
>> As you can see in the attachment the Secret Key is strangely long.
>> I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD 
>> and openJDK) versions, without success.
>> 
>> Is it already happened to someone ?
>> 
>> 
>> I think the usual questions that come up are:
>> * Are you trying to change any of the parameters related to TOTP, or are you 
>> using the defaults (digits, time, etc.)?
>> * Have you verified that the clock on your Guacamole server(s) and your 
>> mobile devices are in sync?
>> 
>> -Nick
> 

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: otp auth can't scan qr code

2023-10-05 Thread Giacomo Marconi

Hi Antoine


I have the same problem with defaults parameters (sha1)
The problem is only while scanning, if I copy and paste the secret key manually 
in the apps, ALL apps are working.

I am actually testing Guacamole 1.5.3 on 2 systems with the same problem:
Ubuntu 22.0.4 host install from official docs
Debian 12 using the script https://github.com/itiligent/Guacamole-Install
I am also trying it on Alpine with docker, but I don’t understand how to right 
popolate the guacamole.properties with docker-compose (especially extensions).
Next step is to test with Tomcat8.  

The production system (1.1.0) has been working since 2020 with about 500 users.
I can’t  migrate to the new and force people to use differents totp apps or 
telling them to copy 56 chars :)

Giacomo

> On 5 Oct 2023, at 16:44, Antoine Besnier  
> wrote:
> 
> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
> cui ti fidi.
> Many TOTP code generation apps do not support anything else than SHA1 hash, 
> even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).
> It is difficult to get the exact info by platform and by application. I found 
> this article on the subject but it does not say what kind of non-default 
> parameter makes an application fail: Laban Sköllermark | Mobile Authenticator 
> Apps Algorithm Support Review - 2023 Edition (labanskoller.se)
> 
> For example, I could scan your code with Authy, MS Authenticator and Google 
> Authenticator on Android. Authy and MSA generated the same code, but not 
> Google. I do not know which one is correct (I could test on my Guacamole but 
> do not want to get locked out...)
> 
> If you want maximum compatibility, stay with sha1. The expiration of the time 
> based codes more than compensates for the "lower" security of sha1.
> 
> Cheers
> Antoine
> 
> (PS: if you see some connection attempts from France, blame me, I could not 
> resist giving it try...)
> 
> Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi 
>  a écrit :
> 
> 
> hi Nick
> 
> I’ve already tried default settings, and checked the time/date
> 
> Giacomo
> 
>> On 5 Oct 2023, at 14:38, Nick Couchman  wrote:
>> 
>> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
>> cui ti fidi.
>> On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  
>> wrote:
>> Hi All
>> 
>> in my last Guacamole installation ver 1.5.3), the QR Code generated seems to 
>> be wrong.
>> The same TOTP App works only on one platform, for example Google 
>> Authenticator read the qr code in Android, but not in IOS. FreeOTP is 
>> working in IOS, but not in Android!
>> As you can see in the attachment the Secret Key is strangely long.
>> I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD 
>> and openJDK) versions, without success.
>> 
>> Is it already happened to someone ?
>> 
>> 
>> I think the usual questions that come up are:
>> * Are you trying to change any of the parameters related to TOTP, or are you 
>> using the defaults (digits, time, etc.)?
>> * Have you verified that the clock on your Guacamole server(s) and your 
>> mobile devices are in sync?
>> 
>> -Nick
> 


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: otp auth can't scan qr code

2023-10-05 Thread Antoine Besnier

 Many TOTP code generation apps do not support anything else than SHA1 hash, 
even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).It is difficult 
to get the exact info by platform and by application. I found this article on 
the subject but it does not say what kind of non-default parameter makes an 
application fail: Laban Sköllermark | Mobile Authenticator Apps Algorithm 
Support Review - 2023 Edition (labanskoller.se)
For example, I could scan your code with Authy, MS Authenticator and Google 
Authenticator on Android. Authy and MSA generated the same code, but not 
Google. I do not know which one is correct (I could test on my Guacamole but do 
not want to get locked out...)
If you want maximum compatibility, stay with sha1. The expiration of the time 
based codes more than compensates for the "lower" security of sha1.
CheersAntoine
(PS: if you see some connection attempts from France, blame me, I could not 
resist giving it try...)

Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi 
 a écrit :  
 
 hi Nick
I’ve already tried default settings, and checked the time/date
Giacomo


On 5 Oct 2023, at 14:38, Nick Couchman  wrote:

| Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
cui ti fidi. |

On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  
wrote:

Hi All
in my last Guacamole installation ver 1.5.3), the QR Code generated seems to be 
wrong.The same TOTP App works only on one platform, for example Google 
Authenticator read the qr code in Android, but not in IOS. FreeOTP is working 
in IOS, but not in Android!As you can see in the attachment the Secret Key is 
strangely long.I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java 
(Oracle JKD and openJDK) versions, without success.
Is it already happened to someone ?


I think the usual questions that come up are:* Are you trying to change any of 
the parameters related to TOTP, or are you using the defaults (digits, time, 
etc.)?* Have you verified that the clock on your Guacamole server(s) and your 
mobile devices are in sync?
-Nick

Re: otp auth can't scan qr code

2023-10-05 Thread Giacomo Marconi

hi Nick

I’ve already tried default settings, and checked the time/date

Giacomo

> On 5 Oct 2023, at 14:38, Nick Couchman  wrote:
> 
> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
> cui ti fidi.
> On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  > wrote:
> Hi All
> 
> in my last Guacamole installation ver 1.5.3), the QR Code generated seems to 
> be wrong.
> The same TOTP App works only on one platform, for example Google 
> Authenticator read the qr code in Android, but not in IOS. FreeOTP is working 
> in IOS, but not in Android!
> As you can see in the attachment the Secret Key is strangely long.
> I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD 
> and openJDK) versions, without success.
> 
> Is it already happened to someone ?
> 
> 
> I think the usual questions that come up are:
> * Are you trying to change any of the parameters related to TOTP, or are you 
> using the defaults (digits, time, etc.)?
> * Have you verified that the clock on your Guacamole server(s) and your 
> mobile devices are in sync?
> 
> -Nick

Re: otp auth can't scan qr code

2023-10-05 Thread Nick Couchman

On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi 
wrote:

> Hi All
>
> in my last Guacamole installation ver 1.5.3), the QR Code generated seems
> to be wrong.
> The same TOTP App works only on one platform, for example Google
> Authenticator read the qr code in Android, but not in IOS. FreeOTP is
> working in IOS, but not in Android!
> As you can see in the attachment the Secret Key is strangely long.
> I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle
> JKD and openJDK) versions, without success.
>
> Is it already happened to someone ?
>
>
I think the usual questions that come up are:
* Are you trying to change any of the parameters related to TOTP, or are
you using the defaults (digits, time, etc.)?
* Have you verified that the clock on your Guacamole server(s) and your
mobile devices are in sync?

-Nick

otp auth can't scan qr code

2023-10-05 Thread Giacomo Marconi

Hi All

in my last Guacamole installation ver 1.5.3), the QR Code generated seems to be 
wrong.
The same TOTP App works only on one platform, for example Google Authenticator 
read the qr code in Android, but not in IOS. FreeOTP is working in IOS, but not 
in Android!
As you can see in the attachment the Secret Key is strangely long.
I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD 
and openJDK) versions, without success.

Is it already happened to someone ?

thanks

Giacomo

Re: otp auth can't scan qr code

Re: otp auth can't scan qr code

Re: otp auth can't scan qr code

Re: otp auth can't scan qr code

Re: otp auth can't scan qr code

otp auth can't scan qr code

6 matches

Site Navigation

Mail list logo

Footer information