This shows you the differences between two versions of the page.
Next revision | Previous revision Next revision Both sides next revision | ||
wiki:advanced:x2gobroker:howitworks [2013/03/27 17:18] sunweaver created |
wiki:advanced:x2gobroker:howitworks [2013/03/28 10:20] sunweaver [Extra Security: Pre-shared Authentication ID] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== How does X2Go Session | + | ====== How does X2Go Session |
+ | |||
+ | //Provided by Oleksandr Shneyder, edited by Mike Gabriel// | ||
+ | |||
+ | This is about how X2Go Client and a generic X2Go Session Broker communicate with each other. This article will quickly become rather technical. | ||
===== Authentication ===== | ===== Authentication ===== | ||
- | The X2Go client can use different methods | + | X2Go Client in broker mode will authenticate twice. First, it will authenticate against the X2Go Session Broker, second, it will authenticate against one of the servers provided by the broker in form of X2Go session profiles. Dual authentication |
- | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key authentication// can also be used. | + | A gain in usability cerainly is, if one manages to reduce these two authentication |
+ | ==== Authentication methods against X2Go Session Broker ==== | ||
+ | |||
+ | In general, X2Go client can use different methods for authentication against an X2Go Session Broker. | ||
+ | |||
+ | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key based authentication// | ||
+ | |||
+ | ==== Authentication methods against provided X2Go Servers ==== | ||
+ | |||
+ | For authentication against X2Go Servers, SSH is used. With SSH you can use //username and password// authentication, | ||
===== Extra Security: Pre-shared Authentication ID ===== | ===== Extra Security: Pre-shared Authentication ID ===== | ||
- | With both types of broker | + | With both session broker |
- | \n | + | |
The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | ||
+ | |||
+ | The usage of this feature is optional. | ||
===== Don't Check User Data ===== | ===== Don't Check User Data ===== | ||
Line 55: | Line 70: | ||
</ | </ | ||
- | ==== Sesssion | + | ==== Session |
The option keys and values are the same as in X2Go Client' | The option keys and values are the same as in X2Go Client' | ||
Line 149: | Line 164: | ||
==== Providing Auto-Login via SSH Keys ==== | ==== Providing Auto-Login via SSH Keys ==== | ||
- | The broker can also provide | + | The broker can also provide |
<code perl> | <code perl> | ||
Line 177: | Line 192: | ||
</ | </ | ||
- | Providing SSH Keys can be increase usability of X2Go in several cases. | + | Providing SSH keys can be increase usability of X2Go in several cases. |
It is highly recommended to transfer SSH keys only over encrypted channels (HTTPS or SSH broker). | It is highly recommended to transfer SSH keys only over encrypted channels (HTTPS or SSH broker). |