Thanks Mike!
I wasn't aware of point 2; actually that covers my situation even
better!
Have a great day everyone!
On 2021-09-01 18:55, Mike Jumper wrote:
On Wed, Sep 1, 2021 at 4:29 PM Alejandro Hernandez
<[email protected]> wrote:
Hello!
I have 2 admins for Guacamole (GUI level, not Linux level).
Outside Guacamole those 2 persons do not share all of their passwords
(i.e. just one knows the domain admin password).
Using Guacamole one could create a session so the other can use the
domain admin.
Since both are Guacamole admins, if the user that doesn't know the
password edits the respective connection, they would be able to see and
then know such password by simply, easily and quickly pressing the lock
icon next to it.
May I disable such lock icon? So they are able to enter any password
anywhere but then unable to see such password so easily...
I know that doesn't make it entirely secure, but in that particular
case I think it would be enough.
No, and you definitely SHOULD NOT do this. You should only grant full
admin-level access to users that truly should be able to see and edit
everything. The "administer system" permission is identical in
principle to the root user on Linux systems.
Your options here would be:
* Integrate Guacamole with your Active Directory using LDAP and use
parameter tokens to pass through the user's own credentials; that way
no credentials are stored:
https://guacamole.apache.org/doc/gug/configuring-guacamole.html#parameter-tokens
* Do not grant these users full admin permission, but rather only any
relevant "create" permissions. They will only be able to see, edit, and
manage the connections or users that they create. Despite having admin
access to _their_ connections, they won't be able to see or touch the
connections created by the other.
* Separate the systems, giving one admin access to one and the other
admin access to the other.
* Leverage the upcoming vault support, when it's ready:
https://issues.apache.org/jira/browse/GUACAMOLE-641
Do not grant full admin access to users unless those users truly need
and should have that kind of access. If they shouldn't have that kind
of access, or you feel the need to restrict that access, then that
means they definitely should not be given that level of access.
Michael Jumper
CEO, Lead Developer
Glyptodon Inc [1].
Links:
------
[1] https://glyp.to/
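As an added illustration of the first option above (not part of the thread or of the Guacamole project's own files), here is a constructed user-mapping.xml fragment showing the weak connection definition, which stores the shared domain admin password where any Guacamole admin can reveal it, beside the corrected one, which stores no credential at all and instead passes through whatever username and password the logged-in user authenticated with via the `${GUAC_USERNAME}` and `${GUAC_PASSWORD}` parameter tokens. The hostname, user name and connection names are made-up sample values.

```xml
<user-mapping>
  <!-- Constructed sample account; in the thread's setup the users come from LDAP/AD -->
  <authorize username="alice" password="REPLACE_ME">

    <!-- WEAK: a shared domain admin secret is stored in the connection itself.
         Anyone with permission to edit this connection can read it back. -->
    <connection name="DC01 (stored shared credential)">
      <protocol>rdp</protocol>
      <param name="hostname">dc01.example.internal</param>
      <param name="port">3389</param>
      <param name="username">EXAMPLE\domain-admin</param>
      <param name="password">SuperSecretDomainAdminPassword</param>
      <param name="ignore-cert">true</param>
    </connection>

    <!-- CORRECTED: no credential is stored. Guacamole substitutes the
         credentials the current user logged in with (for LDAP/AD-backed logins,
         their own domain account), so each admin reaches the host only with
         rights their own account already has, and editing the connection
         reveals nothing but the token names. -->
    <connection name="DC01 (pass-through credentials)">
      <protocol>rdp</protocol>
      <param name="hostname">dc01.example.internal</param>
      <param name="port">3389</param>
      <param name="username">${GUAC_USERNAME}</param>
      <param name="password">${GUAC_PASSWORD}</param>
      <param name="domain">EXAMPLE</param>
      <param name="ignore-cert">true</param>
    </connection>

  </authorize>
</user-mapping>
```

The same token strings can be typed into the username and password fields of a connection defined through the web UI with a database backend, since the substitution happens in the Guacamole web application regardless of which authentication extension supplied the connection.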