Comments on: Sun’s VirtualBox 3.1.x: Getting VRDP (remote desktop) to authenticate properly with Linux PAM http://froebe.net/blog/2010/01/22/suns-virtualbox-3-1-x-getting-vrdp-remote-desktop-to-authenticate-properly-with-linux-pam/ Tips & Tricks for Databases (Sybase, Oracle, MySQL, PostgreSQL, SQLite), Windows, Linux, Solaris, Perl, Java, Bash and so much much more Tue, 07 Feb 2012 19:24:32 +0000 hourly 1 http://wordpress.org/?v=3.1.2 By: Wes http://froebe.net/blog/2010/01/22/suns-virtualbox-3-1-x-getting-vrdp-remote-desktop-to-authenticate-properly-with-linux-pam/comment-page-1/#comment-10530 Wes Sat, 10 Apr 2010 00:36:41 +0000 http://froebe.net/blog/?p=1193#comment-10530 I am also running an ubuntu server 9.10, trying to get multiple users with user accounts to be able to log in to the same vm. I can successfully login with the user that started the vm. I tried your solution, but am running into the problem detailed here: http://www.virtualbox.org/ticket/5712 , which is that VRDP just passes the login information right to pam which verifies the username and password against the uid, which of course fails for any user who is not the user who started the headless session. Any suggestions? I am also running an ubuntu server 9.10, trying to get multiple users with user accounts to be able to log in to the same vm. I can successfully login with the user that started the vm. I tried your solution, but am running into the problem detailed here: http://www.virtualbox.org/ticket/5712 , which is that VRDP just passes the login information right to pam which verifies the username and password against the uid, which of course fails for any user who is not the user who started the headless session. Any suggestions?

]]> By: Jason L Froebe http://froebe.net/blog/2010/01/22/suns-virtualbox-3-1-x-getting-vrdp-remote-desktop-to-authenticate-properly-with-linux-pam/comment-page-1/#comment-10306 Jason L Froebe Sat, 23 Jan 2010 13:56:01 +0000 http://froebe.net/blog/?p=1193#comment-10306 VirtualBox, itself, doesn't have a rc.init service but VBoxTool has a rc.init script for it. You're right, if the user that starts the virtual machines is root or equivalent, then they don't need to be added to the shadow group because it already has access to it (uid 0). :) So, adding the user to the shadow group only applies if the user is not root and you're using the normal PAM authentication modules. The nice thing about PAM is that you can have it authenticate against just about anything. jason VirtualBox, itself, doesn’t have a rc.init service but VBoxTool has a rc.init script for it. You’re right, if the user that starts the virtual machines is root or equivalent, then they don’t need to be added to the shadow group because it already has access to it (uid 0). :)

So, adding the user to the shadow group only applies if the user is not root and you’re using the normal PAM authentication modules. The nice thing about PAM is that you can have it authenticate against just about anything.

jason

]]> By: Equals42 http://froebe.net/blog/2010/01/22/suns-virtualbox-3-1-x-getting-vrdp-remote-desktop-to-authenticate-properly-with-linux-pam/comment-page-1/#comment-10304 Equals42 Sat, 23 Jan 2010 01:06:17 +0000 http://froebe.net/blog/?p=1193#comment-10304 Is virtualbox a service that is started by init.d or some such or are you referring to the user that spins up each guest? I'm just wondering why anyone should have to be added to shadow if system or root starts the process. Maybe I've just had too many margaritas. Chris R Is virtualbox a service that is started by init.d or some such or are you referring to the user that spins up each guest? I’m just wondering why anyone should have to be added to shadow if system or root starts the process. Maybe I’ve just had too many margaritas.

Chris R

]]> By: Jason L Froebe http://froebe.net/blog/2010/01/22/suns-virtualbox-3-1-x-getting-vrdp-remote-desktop-to-authenticate-properly-with-linux-pam/comment-page-1/#comment-10303 Jason L Froebe Fri, 22 Jan 2010 16:48:01 +0000 http://froebe.net/blog/?p=1193#comment-10303 UPDATE! Only the user that <b>starts</b> the virtualmachines need to be part of shadow. Even better UPDATE! Only the user that starts the virtualmachines need to be part of shadow. Even better

]]>