This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
wiki:advanced:x2gobroker:howitworks [2013/03/27 17:31] sunweaver [Extra Security: Pre-shared Authentication ID] |
wiki:advanced:x2gobroker:howitworks [2013/03/28 10:19] sunweaver [Extra Security: Pre-shared Authentication ID] |
||
---|---|---|---|
Line 3: | Line 3: | ||
//Provided by Oleksandr Shneyder, edited by Mike Gabriel// | //Provided by Oleksandr Shneyder, edited by Mike Gabriel// | ||
- | This is about how X2Go Client and a generic X2Go Session Broker communicate with each other. | + | This is about how X2Go Client and a generic X2Go Session Broker communicate with each other. This article |
- | + | ||
- | Note: This article | + | |
===== Authentication ===== | ===== Authentication ===== | ||
- | The X2Go client can use different methods | + | X2Go Client in broker mode will authenticate twice. First, it will authenticate against the X2Go Session Broker, second, it will authenticate against one of the servers provided by the broker in form of X2Go session profiles. Dual authentication means: the user has to type his/her username and password twice. |
+ | |||
+ | A gain in usability cerainly is, if one manages to reduce these two authentication requests to one. How this can be achieved will be explained further below. | ||
+ | |||
+ | ==== Authentication methods against X2Go Session Broker ==== | ||
+ | |||
+ | In general, | ||
+ | |||
+ | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key based authentication// | ||
- | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key authentication// | + | ==== Authentication methods against provided X2Go Servers ==== |
+ | For authentication against X2Go Servers, SSH is used. With SSH you can use //username and password// authentication, | ||
===== Extra Security: Pre-shared Authentication ID ===== | ===== Extra Security: Pre-shared Authentication ID ===== | ||
- | With both types of broker | + | With both session broker |
The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | ||
Line 155: | Line 162: | ||
==== Providing Auto-Login via SSH Keys ==== | ==== Providing Auto-Login via SSH Keys ==== | ||
- | The broker can also provide | + | The broker can also provide |
<code perl> | <code perl> | ||
Line 183: | Line 190: | ||
</ | </ | ||
- | Providing SSH Keys can be increase usability of X2Go in several cases. | + | Providing SSH keys can be increase usability of X2Go in several cases. |
It is highly recommended to transfer SSH keys only over encrypted channels (HTTPS or SSH broker). | It is highly recommended to transfer SSH keys only over encrypted channels (HTTPS or SSH broker). |