On Wed, Nov 22, 2023 at 10:20 AM Hooge, Thomas <[email protected]> wrote:
> > What do your SSH logs indicate? It looks like the SSH/SFTP connection is > failing > > for some reason, and you need to figure out why it's failing. > > Found solution: shell for the sftp-user was /bin/false. > Tried before lots of things because of libssh2 issues and > forgot about that. > Tried also /bin/nologin but seems to need a complete shell. > Changed to /bin/sh and it worked. > > Additional info: the ssh-connection was fine and so were no > error logs. But without shell nothings happend and rdp hangs > for rdp login waiting forever. > > Perhaps behaviour would be nicer to get information if sftp is > not working, run into timeout and continue with rdp session. > There was or is actually a Jira issue open requesting this, however I go back and forth about whether or not this is a good idea. On the one hand, I understand that the SFTP connection may not be critical to using RDP, and you may want RDP to continue. On the other hand, this could lead to a lot of confusion if you're expecting the SFTP connection to work and it just silently doesn't work and allows the rest of the connection to succeed. A warning might be worthwhile, but then there's a balance of how much information you give to the user, and whether that information is of any value to the user. If the SFTP connection fails, the user is probably just going to go back to the admin, anyway, so is a warning worth any more than just logging the issue to the guacd log file, which the administrator is going to be looking at, anyway? -Nick
