Hi Nick, Yes. Sorry for not replying sooner. So currently we have defined a single shared account for all the systems that users use. I want to be able to have those users credentials passed from okta, through guacamole to the machine they are logging into. The link I provided does this via short lived certificates. Like Guacamole, there is no Cloudflare agent on the server that the credentials are passed to. This is done strictly with short lived certificates.
So instead of getting logged in as the Ubuntu user, I'm logged in as jmalena. If you were logging into the same machine, you would be logged in as ncouchman and so on. I can have users added to groups and have suddoer privileges for those groups done in Linux. Hope this helps with what I'm trying to accomplish. Jesus On Fri, Jun 21, 2024, 12:52 Nick Couchman <vn...@apache.org> wrote: > On Mon, Jun 17, 2024 at 7:15 PM Nick Couchman <vn...@apache.org> wrote: > >> On Thu, Jun 6, 2024 at 11:18 AM Jesus Malena <jesus.mal...@gmail.com> >> wrote: >> >>> Hi Nick, >>> >>> User guacamole authentication via an idp integration like okta. Want to >>> be able to do passthrough authentication from okta to a system with the >>> same username. If I'm authenticating as jmalena through okta, passing that >>> as a user to the target server as long as my user exists on that Linux >>> machine through guacamole via short lived certificates, or something like >>> that. >>> >>> >> I'm still not quite sure I understand what the expectation is, here. Is >> there some other product or documentation you can point to that implements >> this that we could look at that further explains what functionality you >> want implemented in Guacamole? >> >> > Sorry, you already provided this with the link to the CloudFlare SSH > information. > > -Nick > >>
