RDP security negotiation breaks remote login
Bug #1084465 reported by
David Barth
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| PAM FreeRDP Module |
Confirmed
|
Medium
|
David Barth | ||
Bug Description
Login can fail because of a mismatched certificate:
printf "%s\n" "XXXXXXX" | /usr/lib/
connected to XX.XX.XX.XX:3389
@@@@@@@
@ WARNING: CERTIFICATE NAME MISMATCH! @
@@@@@@@
The hostname used for this connection (XX.XX.XX.XX)
does not match the name given in the certificate:
WINDOWS-XXXXXXX
A valid certificate for the wrong name should NOT be trusted!
SSL_write: Failure in SSL library (protocol error?)
Authentication failure, check credentials.
If credentials are valid, the NTLMSSP implementation may be to blame.
Revision history for this message
| David Barth (dbarth) wrote | #1 |
| summary: |
- Can't login because of certificate mismatch + RDP security negotiation breaks remote login |
| Changed in libpam-freerdp: | |
| status: | New → Confirmed |
| importance: | Undecided → High |
| importance: | High → Medium |
| assignee: | nobody → David Barth (dbarth) |
To post a comment you must log in.
The issue turned out to be due to the RDP Security Layer config being set to "Negotiate", instead of the plain "RDP Security Layer". That itself was sufficient to break the remote login in lightdm, whereas a direct xfreerdp connection to the server was still succeeding.