What is the correct format for xpra password files?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












I created a username/password combination of the form onetwo:bucklemyshoe, ie the password file contains the single line onetwo|bucklemyshoe



Whenever I try to connect the message appears on the logon page:



You were disconnected for the following reason:

invalid challenge response


The logs display the following message



 Authentication required by password file authenticator module
sending challenge for username 'onetwo' using hmac+sha256 digest
Warning: hmac+sha256 challenge for 'onetwo' does not match
Warning: authentication failed
invalid challenge response
Disconnecting client Protocol(ws websocket: 111.111.111.111:14333 <- 222.222.222.222:35555):
invalid challenge response


It makes no difference whether Insecure plain-text passwords is checked or not.



The contents of the password file is not what xpra expects. Is the actual format documented somewhere? Is there an utility or script to create them in the right format?







share|improve this question




















  • This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
    – meuh
    Feb 17 at 15:15










  • I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
    – vfclists
    Feb 17 at 19:06














up vote
2
down vote

favorite












I created a username/password combination of the form onetwo:bucklemyshoe, ie the password file contains the single line onetwo|bucklemyshoe



Whenever I try to connect the message appears on the logon page:



You were disconnected for the following reason:

invalid challenge response


The logs display the following message



 Authentication required by password file authenticator module
sending challenge for username 'onetwo' using hmac+sha256 digest
Warning: hmac+sha256 challenge for 'onetwo' does not match
Warning: authentication failed
invalid challenge response
Disconnecting client Protocol(ws websocket: 111.111.111.111:14333 <- 222.222.222.222:35555):
invalid challenge response


It makes no difference whether Insecure plain-text passwords is checked or not.



The contents of the password file is not what xpra expects. Is the actual format documented somewhere? Is there an utility or script to create them in the right format?







share|improve this question




















  • This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
    – meuh
    Feb 17 at 15:15










  • I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
    – vfclists
    Feb 17 at 19:06












up vote
2
down vote

favorite









up vote
2
down vote

favorite











I created a username/password combination of the form onetwo:bucklemyshoe, ie the password file contains the single line onetwo|bucklemyshoe



Whenever I try to connect the message appears on the logon page:



You were disconnected for the following reason:

invalid challenge response


The logs display the following message



 Authentication required by password file authenticator module
sending challenge for username 'onetwo' using hmac+sha256 digest
Warning: hmac+sha256 challenge for 'onetwo' does not match
Warning: authentication failed
invalid challenge response
Disconnecting client Protocol(ws websocket: 111.111.111.111:14333 <- 222.222.222.222:35555):
invalid challenge response


It makes no difference whether Insecure plain-text passwords is checked or not.



The contents of the password file is not what xpra expects. Is the actual format documented somewhere? Is there an utility or script to create them in the right format?







share|improve this question












I created a username/password combination of the form onetwo:bucklemyshoe, ie the password file contains the single line onetwo|bucklemyshoe



Whenever I try to connect the message appears on the logon page:



You were disconnected for the following reason:

invalid challenge response


The logs display the following message



 Authentication required by password file authenticator module
sending challenge for username 'onetwo' using hmac+sha256 digest
Warning: hmac+sha256 challenge for 'onetwo' does not match
Warning: authentication failed
invalid challenge response
Disconnecting client Protocol(ws websocket: 111.111.111.111:14333 <- 222.222.222.222:35555):
invalid challenge response


It makes no difference whether Insecure plain-text passwords is checked or not.



The contents of the password file is not what xpra expects. Is the actual format documented somewhere? Is there an utility or script to create them in the right format?









share|improve this question











share|improve this question




share|improve this question










asked Feb 17 at 13:11









vfclists

2,47852441




2,47852441











  • This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
    – meuh
    Feb 17 at 15:15










  • I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
    – vfclists
    Feb 17 at 19:06
















  • This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
    – meuh
    Feb 17 at 15:15










  • I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
    – vfclists
    Feb 17 at 19:06















This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
– meuh
Feb 17 at 15:15




This probably depends on your system and version. The command line man page here says use username|password|uid|gid|displays|env_opts|session_opts
– meuh
Feb 17 at 15:15












I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
– vfclists
Feb 17 at 19:06




I tried the tcp-auth=pam option and that worked and that logged me straight into the desktop, but I don't like exposing desktop login details on the internet. I prefer a separate set of credentials for the web login page, then the user would then apply their desktop login details after the desktop page comes. I prefer a common page protected by http-auth, then the standard html client page, then the desktop
– vfclists
Feb 17 at 19:06










1 Answer
1






active

oldest

votes

















up vote
3
down vote













According to the xpra mailing list where this was also asked, the password file format is documented on the wiki:




Password File



"file" vs "multifile":



  • "file" contains a single password, the whole file is the password

  • "multifile" contains a list of authentication values, see proxy server file authentication - this module is deprecated in favour of "sqlite" which is easier to configure.



To make a regular password file, you just write the password in plaintext:



echo -n "bucklemyshoe" > yourpasswordfile.txt





share|improve this answer






















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );








     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f424797%2fwhat-is-the-correct-format-for-xpra-password-files%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    3
    down vote













    According to the xpra mailing list where this was also asked, the password file format is documented on the wiki:




    Password File



    "file" vs "multifile":



    • "file" contains a single password, the whole file is the password

    • "multifile" contains a list of authentication values, see proxy server file authentication - this module is deprecated in favour of "sqlite" which is easier to configure.



    To make a regular password file, you just write the password in plaintext:



    echo -n "bucklemyshoe" > yourpasswordfile.txt





    share|improve this answer


























      up vote
      3
      down vote













      According to the xpra mailing list where this was also asked, the password file format is documented on the wiki:




      Password File



      "file" vs "multifile":



      • "file" contains a single password, the whole file is the password

      • "multifile" contains a list of authentication values, see proxy server file authentication - this module is deprecated in favour of "sqlite" which is easier to configure.



      To make a regular password file, you just write the password in plaintext:



      echo -n "bucklemyshoe" > yourpasswordfile.txt





      share|improve this answer
























        up vote
        3
        down vote










        up vote
        3
        down vote









        According to the xpra mailing list where this was also asked, the password file format is documented on the wiki:




        Password File



        "file" vs "multifile":



        • "file" contains a single password, the whole file is the password

        • "multifile" contains a list of authentication values, see proxy server file authentication - this module is deprecated in favour of "sqlite" which is easier to configure.



        To make a regular password file, you just write the password in plaintext:



        echo -n "bucklemyshoe" > yourpasswordfile.txt





        share|improve this answer














        According to the xpra mailing list where this was also asked, the password file format is documented on the wiki:




        Password File



        "file" vs "multifile":



        • "file" contains a single password, the whole file is the password

        • "multifile" contains a list of authentication values, see proxy server file authentication - this module is deprecated in favour of "sqlite" which is easier to configure.



        To make a regular password file, you just write the password in plaintext:



        echo -n "bucklemyshoe" > yourpasswordfile.txt






        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Feb 25 at 18:30









        Michael Mrozek♦

        58.3k26184206




        58.3k26184206










        answered Feb 18 at 3:02









        totaam

        86559




        86559






















             

            draft saved


            draft discarded


























             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f424797%2fwhat-is-the-correct-format-for-xpra-password-files%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?