[
https://issues.apache.org/jira/browse/GUACAMOLE-1674?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Jumper updated GUACAMOLE-1674:
-----------------------------------
Fix Version/s: 1.6.0
1.5.2
> RDP NLA security mode incompatible with FIPS
> ---------------------------------------------
>
> Key: GUACAMOLE-1674
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1674
> Project: Guacamole
> Issue Type: Bug
> Reporter: James Muehlner
> Priority: Major
> Fix For: 1.6.0, 1.5.2
>
>
> RDP connections established when guacd is running on a FIPS-enabled server do
> not work with the NLA security method.
> This appears to be due to FIPS-compatible ciphers not being implemented when
> using NLA security mode.
> For more information, see the following bug report:
> [https://github.com/FreeRDP/FreeRDP/issues/5746]
> It seems like this issue might possibly have been fixed in FreeRDP master in
> [this PR|[https://github.com/FreeRDP/FreeRDP/pull/7934],] but the changes are
> unreleased (and involve a major version bump to FreeRDP 3), so it's unlikely
> that we'll be able to use that fix, assuming it works, until Guacamole is
> fully migrated to a released version of FreeRDP 3.
> For now, we should probably just explicitly disable the NLA mode on the
> Guacamole side if FIPS is enabled, logging a warning if needed.
> Related: GUACAMOLE-1669
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
