This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
wiki:advanced:x2gobroker:howitworks [2013/03/28 10:12] sunweaver [How does X2Go Session Brokerage Work] |
wiki:advanced:x2gobroker:howitworks [2013/03/28 10:22] sunweaver [Don't Check User Data] |
||
---|---|---|---|
Line 7: | Line 7: | ||
===== Authentication ===== | ===== Authentication ===== | ||
- | The X2Go client can use different methods of authentication | + | X2Go Client in broker mode will authenticate twice. First, it will authenticate |
- | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key authentication// can also be used. | + | A gain in usability cerainly is, if one manages to reduce these two authentication |
+ | ==== Authentication methods against X2Go Session Broker ==== | ||
+ | |||
+ | In general, X2Go client can use different methods for authentication against an X2Go Session Broker. | ||
+ | |||
+ | With an HTTP(S) broker it could be //username and password//. With an SSH broker a //SSH key based authentication// | ||
+ | |||
+ | ==== Authentication methods against provided X2Go Servers ==== | ||
+ | |||
+ | For authentication against X2Go Servers, SSH is used. With SSH you can use //username and password// authentication, | ||
===== Extra Security: Pre-shared Authentication ID ===== | ===== Extra Security: Pre-shared Authentication ID ===== | ||
- | With both types of broker | + | With both session broker |
The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | The file path to the authentication ID has to be specified as the X2Go Client command line option ''< | ||
+ | |||
+ | The usage of this feature is optional. | ||
===== Don't Check User Data ===== | ===== Don't Check User Data ===== | ||
- | In some setups it can make sense to give access to the X2Go Session Broker without authentication. | + | In some setups it can make sense to give access to the X2Go Session Broker without authentication. |
+ | |||
+ | __Example: | ||
When implementing your own session broker, you can configure the broker not to check the username (and password) at all. This is only possible with HTTP based brokers. | When implementing your own session broker, you can configure the broker not to check the username (and password) at all. This is only possible with HTTP based brokers. | ||
- | With SSH based X2Go Session Broker implementations, | + | With SSH based X2Go Session Broker implementations, |
===== Granting Access to the Broker ===== | ===== Granting Access to the Broker ===== |