* RHEL 6.9 i386
When I log in to ThinLinc with SSH public key authentication
and start tl-run-rdesktop, I expect to see an rdesktop window.
What actually happens:
rdesktop hangs on a read from stdin.
This is (most likely) a password prompt from rdesktop. tl-run-rdesktop does not handle this and present it to the user. After running tl-sso-update-password, tl-run-rdesktop works as expected.
This problem originates from the upstream fix:
Author: Henrik Andersson <email@example.com>
Date: 2017-08-15 12:37:14 +0200
Always prompt for password if not provided via commandline.
This fixes several issues where credentials are required
before the connection is carried out. Such as dual
authentication prompts when redirected by load balancer.
We need to explore the various solutions.
We have decided to patch out the required password prompt locally in ThinLinc for the upcoming release due to the upstream solution is not 100% correct.
Unfortunately the #ifdef wasn't enough as SSO no longer works now.
The #ifdef completely removes the call to read_password(). We need to bring back the prompt_password variable and associated behaviour from r32760.
Tested that we now have the same behaviour as in ThinLinc 4.8.0. Tested against 2008R2, 2012R2 and 2016, both with and without CredSSP, and with and without redirection.
With SSO everything works fine. Without SSO you get one server side auth in every case except redirect for a new session when you get two (same on all Windows versions).
rdesktop (and associated tools) is being removed from the ThinLinc product.