Start a new topic

support public/private keypairs for authentication via virtual RS accounts

Instead of users authenticating to RS with passwords, it would be better to allow users and/or the server admin to configure (and require use of) public/private keypairs. This removes the need for both server and client (2 separate security surface areas) to have the password stored; in a key-based configuration, only the client needs to keep the private key.


Further. it would be nice if a keyword could be set on client+server for connection obfuscation, an additional layer of security.


Since RS uses Windows accounts for authentication, there is currently no straightforward way to do this. The obvious solution is implementation of virtual accounts (in a RS database) which could be used to authenticate to RS; then users could optionally use Windows accounts to login to the underlying server via RDP, etc.
1 Comment

 Also would be good to have an option to connect virtual accounts with Windows accounts so authentication is seamless and automated.

Login or Signup to post a comment