Project

General

Profile

Feature #10691

Want rdesktop with GSS-API and TLS v1.3

Added by Espen Martinsen about 2 months ago. Updated 3 days ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
OI-Userland
Target version:
Start date:
2019-04-03
Due date:
% Done:

50%

Estimated time:
Difficulty:
Medium
Tags:

Description

Hi,
I use openindiana/hipster daily as core OS, and have been using rdesktop against some terminal-servers to do work on window-machines.
Lately it has become more common to deny connections not supporting credSSP and TLSv3 (1,3?)

Therefore - I wish openindiana/hipster could switch from rdesktop, to xfreerdp or remmina, using "libgssglue".

History

#1

Updated by Alexander Pyhalov about 1 month ago

Hi. Currently we ship rdesktop 1.8.3, which supports CredSSP. To use it, first you should get kerberos ticket with kinit. Then you can use rdesktop -u 'user@DOMAIN' host.

#2

Updated by Espen Martinsen 27 days ago

Hi Alexander,
I rtied that but the WTS I'm need to access will just accept TLSv1.3 if I understand it correctly. My solution is VIrtualbox w/debian stretch + xfreerdp/remmina. Works for now.
It might get in there if/when openSSL1.1 or higher and rdesktop 1.8.4+ is coming. I can wait!

-e

#3

Updated by Michal Nowak 3 days ago

  • Subject changed from I wish openindiana/hipser will support a modern "rdesktop" to Want rdesktop with GSS-API and TLS v1.3
  • Category set to OI-Userland
  • Status changed from New to Feedback
  • Assignee set to Michal Nowak
  • Target version set to Hipster
  • % Done changed from 0 to 50
  • Tags deleted (needs-triage)

Espen, for this request to be satisfied rdesktop needs to be updated to the development/master branch, and thus warrants more testing that usual.

Here's the proposed PR: https://github.com/OpenIndiana/oi-userland/pull/5025.

Can you build it yourself and test Kerberos and TLS with VirtualBox and Windows?

Also available in: Atom PDF