[XPRA 6.2.0] - Unable to login using HTML5 client or proxy

Hi ! After updating to the latest version of XPRA, I am still encountering the login issue

Description:

Unable to login to XPRA using proxy or directly launching from terminal. Invalid user error. This is from a new fresh installation.

System Information (please complete the following information):

Server OS: Rocky 8.10 (VM)
Client OS: Windows 10 / Browser HTML5
XPRA version:

xpra-codecs-nvidia-6.2.0-10.r0.el8.x86_64
xpra-6.2.0-10.r0.el8.x86_64
xpra-audio-6.2.0-10.r0.el8.x86_64
xpra-client-gtk3-6.2.0-10.r0.el8.x86_64
xpra-filesystem-6.2.0-10.r0.el8.noarch
xpra-x11-6.2.0-10.r0.el8.x86_64
xpra-server-6.2.0-10.r0.el8.x86_64
xorg-x11-drv-dummy-0.4.1-1.xpra2.el8.x86_64
xpra-common-6.2.0-10.r0.el8.x86_64
xpra-client-6.2.0-10.r0.el8.x86_64
xpra-codecs-6.2.0-10.r0.el8.x86_64
xpra-html5-16.2-1.r0.el8.noarch

EDIT: Also tested today with this version:

xpra-filesystem-6.2.0-10.r2.el8.noarch
xpra-codecs-6.2.0-10.r2.el8.x86_64
xpra-server-6.2.0-10.r2.el8.x86_64
xpra-audio-6.2.0-10.r2.el8.x86_64
xpra-client-gtk3-6.2.0-10.r2.el8.x86_64
xorg-x11-drv-dummy-0.4.1-1.xpra2.el8.x86_64
xpra-codecs-nvidia-6.2.0-10.r2.el8.x86_64
xpra-x11-6.2.0-10.r2.el8.x86_64
xpra-client-6.2.0-10.r2.el8.x86_64
xpra-6.2.0-10.r2.el8.x86_64
xpra-html5-16.2-1.r0.el8.noarch
xpra-common-6.2.0-10.r2.el8.x86_64

To Reproduce Steps to reproduce the behavior:

Run the following server command: xpra proxy :14500 --daemon=no --tcp-auth=sys:client-username=yes:verify-username=no --ssl-cert=/etc/xpra/ssl/cert.pem --ssl-key=/etc/xpra/ssl/key.pem --bind-tcp=0.0.0.0:14500 -d auth
this is the error that appears in the web browser:

Log:

2024-10-14 16:29:32,104 PAM: verify_username=True, client_username=False
2024-10-14 16:29:32,104 <class 'xpra.server.auth.pam.Authenticator'>({'client-username': {'yes:verify-username': 'no'}, 'exec_cwd': '/etc/xpra/ssl', 'remote': {'uuid': '23456789ab9abcd56789ab8234012-01231234-89abcd00-abc3456789a56-4456789abcd85689abcd01233', 'username': 'comsearch'}, 'connection': wss socket: 192.168.0.32:14500 <- 192.168.0.19:58596, 'socket-dirs': ['/run/user/$UID/xpra', '/run/xpra', '~/.xpra']})
Traceback (most recent call last):
  File "/usr/lib64/python3.11/site-packages/xpra/server/core.py", line 1971, in make_authenticators
    authenticator = aclass(**opts)
                    ^^^^^^^^^^^^^^
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/pam.py", line 50, in __init__
    super().__init__(**kwargs)
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/sys_auth_base.py", line 280, in __init__
    super().__init__(**kwargs)
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/sys_auth_base.py", line 88, in __init__
    raise ValueError(f"invalid username {remote_username!r}")
ValueError: invalid username 'comsearch'
2024-10-14 16:29:32,104 instantiating authenticator for tcp
Traceback (most recent call last):
  File "/usr/lib64/python3.11/site-packages/xpra/server/core.py", line 2006, in verify_auth
    proto.authenticators = self.make_authenticators(socktype, remote, conn)
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.11/site-packages/xpra/server/core.py", line 1971, in make_authenticators
    authenticator = aclass(**opts)
                    ^^^^^^^^^^^^^^
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/pam.py", line 50, in __init__
    super().__init__(**kwargs)
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/sys_auth_base.py", line 280, in __init__
    super().__init__(**kwargs)
  File "/usr/lib64/python3.11/site-packages/xpra/server/auth/sys_auth_base.py", line 88, in __init__
    raise ValueError(f"invalid username {remote_username!r}")
ValueError: invalid username 'comsearch'
2024-10-14 16:29:32,105 Warning: authentication failed
2024-10-14 16:29:32,105  invalid username 'comsearch'
2024-10-14 16:29:33,107 Disconnecting client 192.168.0.19:58596:
2024-10-14 16:29:33,107  invalid username 'comsearch'
2024-10-14 16:29:33,111 1 packets received (1K bytes)
2024-10-14 16:29:33,111 1 packets sent (51 bytes)
2024-10-14 16:29:34,268 New socket connection received
2024-10-14 16:29:34,268  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-14 16:29:34,269 socktype=socket, encryption=None, keyfile=None
2024-10-14 16:29:34,321 New socket connection received
2024-10-14 16:29:34,321  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-14 16:29:34,322 socktype=socket, encryption=None, keyfile=None
2024-10-14 16:29:34,369 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '8a8c9397929a481389896924b3c2f8d8'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-14 16:29:34,370 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-14 16:29:34,370 all 0 authentication modules passed
2024-10-14 16:29:34,379 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '5ca4bc26e86d4ec3a6f59c7f994446b1'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-14 16:29:34,380 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-14 16:29:34,380 all 0 authentication modules passed
2024-10-14 16:29:34,619 New socket connection received
2024-10-14 16:29:34,619  on '/run/xpra/iqlr8vm-14500'
2024-10-14 16:29:34,619 socktype=socket, encryption=None, keyfile=None
2024-10-14 16:29:34,620 New socket connection received
2024-10-14 16:29:34,620  on '/run/xpra/iqlr8vm-14500'

when using this command: xpra proxy :14500 --daemon=no --tcp-auth=sys --ssl-cert=/etc/xpra/ssl/cert.pem --ssl-key=/etc/xpra/ssl/key.pem --bind-tcp=0.0.0.0:14500 -d auth
I get this log:

2024-10-15 10:21:31,132 socktype=wss, encryption=None, keyfile=None
2024-10-15 10:21:31,176 make_authenticators('tcp', {'uuid': '0123423456789ef456789abc3456-9abcde234-abc-789a563f-9abcdef123456789a23423456789abcde345678f', 'username': 'comsearch'}, wss socket: 192.168.0.32:14500 <- 192.168.0.19:65430) socket options={}
2024-10-15 10:21:31,176 creating authenticators ('sys', <module 'xpra.server.auth.pam' from '/usr/lib64/python3.11/site-packages/xpra/server/auth/pam.py'>, <class 'xpra.server.auth.pam.Authenticator'>, {'exec_cwd': '/etc/xpra/ssl'}) for tcp
2024-10-15 10:21:31,176 sys : <class 'xpra.server.auth.pam.Authenticator'>({'exec_cwd': '/etc/xpra/ssl', 'remote': {'uuid': '0123423456789ef456789abc3456-9abcde234-abc-789a563f-9abcdef123456789a23423456789abcde345678f', 'username': 'comsearch'}, 'connection': wss socket: 192.168.0.32:14500 <- 192.168.0.19:65430, 'socket-dirs': ['/run/user/$UID/xpra', '/run/xpra', '~/.xpra']})
2024-10-15 10:21:31,176 PAM: verify_username=True, client_username=True
2024-10-15 10:21:31,176 auth prompt=password for user 'comsearch', socket_dirs=['/run/user/$UID/xpra', '/run/xpra', '~/.xpra']
2024-10-15 10:21:31,176 authenticator 0=PAM
2024-10-15 10:21:31,176 processing authentication with (PAM,), remaining=(PAM,), digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'), salt_digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224')
2024-10-15 10:21:31,176 authenticator[0]=PAM, requires-challenge=True, challenge-sent=False
2024-10-15 10:21:31,176 get_challenge(('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'))=653d9da867650eaddcd033a1fa2c5704506e32c2124e0990bf7ac46cbc032d279de9ad873ba74c77db37527bad6a7e6a5d7175cc7877db9ff4318c02d43372a0, xor
2024-10-15 10:21:31,176 Authentication required by PAM authenticator module
2024-10-15 10:21:31,176  sending challenge using 'xor' digest over tcp connection
2024-10-15 10:21:31,176 PAM.choose_salt_digest(('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'))='hmac+sha512'
2024-10-15 10:21:31,176 PAM sending challenge "password for user 'comsearch'"
2024-10-15 10:21:31,181 processing authentication with (PAM,), remaining=(PAM,), digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'), salt_digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224')
2024-10-15 10:21:31,181 authenticator[0]=PAM, requires-challenge=True, challenge-sent=True
2024-10-15 10:21:31,181 combined salt(653d9da867650eaddcd033a1fa2c5704506e32c2124e0990bf7ac46cbc032d279de9ad873ba74c77db37527bad6a7e6a5d7175cc7877db9ff4318c02d43372a0, d3faacf1436d355fe011e53b8f52ad6dabc549a70cec8496f62103e85233f62e)=6333336434386664653934323535316432323063326534363138613062653436643439373437383836353164376332653365393638343230353134366561383034343538363933646564636465333865346536353936383261303763393939383161613438343930653037663436633063303666316531653937333561613765
2024-10-15 10:21:31,181 unxor_response(..) challenge-response=*********************
2024-10-15 10:21:31,181 client-salt='Óú¬ñCm5_à\x11å;\x8fR\xadm«ÅI§\x0cì\x84\x96ö!\x03èR3ö.', response salt=b'c33d48fde942551d220c2e4618a0be46d4974788651d7c2e3e9684205146ea804458693dedcde38e4e659682a07c99981aa48490e07f46c0c06f1e1e9735aa7e'
2024-10-15 10:21:31,181 pam.check_password(..) pw=pwd.struct_passwd(pw_name='comsearch', pw_passwd='x', pw_uid=1000, pw_gid=1000, pw_gecos='COMSEARCH', pw_dir='/home/comsearch', pw_shell='/bin/bash')
2024-10-15 10:21:31,181 pam check(comsearch, [..])
2024-10-15 10:21:31,184 pam_start: SUCCESS
2024-10-15 10:21:31,184 authenticate()
2024-10-15 10:21:31,187 pam_authenticate: SUCCESS
2024-10-15 10:21:31,188 pam_close_session: SUCCESS
2024-10-15 10:21:31,188 pam_end: SUCCESS
2024-10-15 10:21:31,188 authenticate_check(..)=True
2024-10-15 10:21:31,188 authentication challenge passed for PAM
2024-10-15 10:21:31,188 all 1 authentication modules passed
2024-10-15 10:21:31,189 PAM.get_sessions() uid=1000, gid=1000
2024-10-15 10:21:31,189 sockdir=DotXpra(/run/user/1000/xpra, ['/run/user/1000/xpra', '/run/xpra', '/home/comsearch/.xpra'] - 1000:1000 - comsearch), results=[(<SocketState.LIVE: 'LIVE'>, ':1'), (<SocketState.UNKNOWN: 'UNKNOWN'>, ':proxy-35080'), (<SocketState.UNKNOWN: 'UNKNOWN'>, ':0')], displays=[':1']
2024-10-15 10:21:31,189 PAM.get_sessions()=(1000, 1000, [':1'], {}, {})
2024-10-15 10:21:31,189 proxy_auth PAM.get_sessions()=(1000, 1000, [':1'], {}, {})
2024-10-15 10:21:31,189 proxy_auth(WebSocket(wss socket: 192.168.0.32:14500 <- 192.168.0.19:65430), {..}, {}) found sessions: (1000, 1000, [':1'], {}, {})
2024-10-15 10:21:31,192 proxy_session: displays=[':1'], start_sessions=True, start-new-session=typedict({})
2024-10-15 10:21:31,192 proxy_session: proxy-virtual-display=:14500 (ignored), user specified display=, found displays=[':1']
2024-10-15 10:21:32,188 started proxy instance pid 35718
2024-10-15 10:21:32,188  for client wss socket: 192.168.0.32:14500 <- 192.168.0.19:65430
2024-10-15 10:21:32,188  and server socket socket:  <- @xpra/1
2024-10-15 10:21:32,191 Warning: socket directory '/run/user/1000/xpra'
2024-10-15 10:21:32,191  expected permissions 775 but found 700
2024-10-15 10:21:32,193 proxy instance now also available using unix domain socket:
2024-10-15 10:21:32,193  /run/user/1000/xpra/iqlr8vm-proxy-35718
2024-10-15 10:21:32,231 proxy video encoders: none
2024-10-15 10:21:34,655 socktype=wss, encryption=None, keyfile=None
2024-10-15 10:21:34,700 make_authenticators('tcp', {'uuid': '0123423456789ef456789abc3456-9abcde234-abc-789a563f-9abcdef123456789a23423456789abcde345678f', 'username': 'comsearch'}, wss socket: 192.168.0.32:14500 <- 192.168.0.19:65462) socket options={}
2024-10-15 10:21:34,700 creating authenticators ('sys', <module 'xpra.server.auth.pam' from '/usr/lib64/python3.11/site-packages/xpra/server/auth/pam.py'>, <class 'xpra.server.auth.pam.Authenticator'>, {'exec_cwd': '/etc/xpra/ssl'}) for tcp
2024-10-15 10:21:34,701 sys : <class 'xpra.server.auth.pam.Authenticator'>({'exec_cwd': '/etc/xpra/ssl', 'remote': {'uuid': '0123423456789ef456789abc3456-9abcde234-abc-789a563f-9abcdef123456789a23423456789abcde345678f', 'username': 'comsearch'}, 'connection': wss socket: 192.168.0.32:14500 <- 192.168.0.19:65462, 'socket-dirs': ['/run/user/$UID/xpra', '/run/xpra', '~/.xpra']})
2024-10-15 10:21:34,701 PAM: verify_username=True, client_username=True
2024-10-15 10:21:34,701 auth prompt=password for user 'comsearch', socket_dirs=['/run/user/$UID/xpra', '/run/xpra', '~/.xpra']
2024-10-15 10:21:34,701 authenticator 0=PAM
2024-10-15 10:21:34,701 processing authentication with (PAM,), remaining=(PAM,), digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'), salt_digest_modes=('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224')
2024-10-15 10:21:34,701 authenticator[0]=PAM, requires-challenge=True, challenge-sent=False
2024-10-15 10:21:34,701 get_challenge(('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'))=00958c23d8155a85267aae01a95778a7835237f64a9f74436b7f99841964849c553bfeffb7ae0da7eede534b741e3b84a27a3424a90cbbc09d8156b64e48dd06, xor
2024-10-15 10:21:34,701 Authentication required by PAM authenticator module
2024-10-15 10:21:34,701  sending challenge using 'xor' digest over tcp connection
2024-10-15 10:21:34,701 PAM.choose_salt_digest(('hmac', 'hmac+md5', 'xor', 'keycloak', 'hmac+md5', 'hmac+sha256', 'hmac+sha1', 'hmac+sha512', 'hmac+sha384', 'hmac+sha512/256', 'hmac+sha512/224'))='hmac+sha512'
2024-10-15 10:21:34,701 PAM sending challenge "password for user 'comsearch'"
2024-10-15 10:21:34,704 1 packets received (4.2K bytes)
2024-10-15 10:21:34,704 1 packets sent (137 bytes)
2024-10-15 10:21:35,487 New socket connection received
2024-10-15 10:21:35,488  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-15 10:21:35,488 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:35,500 New socket connection received
2024-10-15 10:21:35,500  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-15 10:21:35,500 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:35,623 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '0055f2e7f0354a5591a67b2b855e5ce6'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:35,623 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:35,623 all 0 authentication modules passed
2024-10-15 10:21:35,633 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '71b7fe2c431f4d81832cfb84bc7ae316'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:35,634 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:35,634 all 0 authentication modules passed
2024-10-15 10:21:35,858 New socket connection received
2024-10-15 10:21:35,859  on '/run/xpra/iqlr8vm-14500'
2024-10-15 10:21:35,859 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:35,860 New socket connection received
2024-10-15 10:21:35,861  on '/run/xpra/iqlr8vm-14500'
2024-10-15 10:21:35,861 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:35,862 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': 'bc596f774b294c549e665eb3fb024b6b'}, socket socket:/run/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:35,862 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:35,862 all 0 authentication modules passed
2024-10-15 10:21:35,863 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': 'e17931d232f04efeabf4a2b5e91d26b2'}, socket socket:/run/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:35,863 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:35,863 all 0 authentication modules passed
2024-10-15 10:21:36,085 New socket connection received
2024-10-15 10:21:36,085  on '/root/.xpra/iqlr8vm-14500'
2024-10-15 10:21:36,085 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,086 New socket connection received
2024-10-15 10:21:36,086  on '/root/.xpra/iqlr8vm-14500'
2024-10-15 10:21:36,087 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,087 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '5518fbf1ed44472ebd9a3f7495ab8a02'}, socket socket:/root/.xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,088 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,088 all 0 authentication modules passed
2024-10-15 10:21:36,088 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': 'dc5591f14ec74296ba154d11e981b01b'}, socket socket:/root/.xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,088 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,088 all 0 authentication modules passed
2024-10-15 10:21:36,363 New socket connection received
2024-10-15 10:21:36,363  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-15 10:21:36,363 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,365 New socket connection received
2024-10-15 10:21:36,365  on '/run/user/0/xpra/iqlr8vm-14500'
2024-10-15 10:21:36,365 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,366 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '99396625fe6746daa35b64cbaea29124'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,366 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,366 all 0 authentication modules passed
2024-10-15 10:21:36,367 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '2877bb76d53743898f1a7e1628987d6c'}, socket socket:/run/user/0/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,367 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,367 all 0 authentication modules passed
2024-10-15 10:21:36,588 New socket connection received
2024-10-15 10:21:36,588  on '/run/xpra/iqlr8vm-14500'
2024-10-15 10:21:36,588 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,589 New socket connection received
2024-10-15 10:21:36,590  on '/run/xpra/iqlr8vm-14500'
2024-10-15 10:21:36,590 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,591 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': 'cc01295e9abe4e6094b727e1f1ee148b'}, socket socket:/run/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,591 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,591 all 0 authentication modules passed
2024-10-15 10:21:36,592 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': 'bb02d4cae065485c83be915af22bb1d8'}, socket socket:/run/xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,592 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,592 all 0 authentication modules passed
2024-10-15 10:21:36,819 New socket connection received
2024-10-15 10:21:36,819  on '/root/.xpra/iqlr8vm-14500'
2024-10-15 10:21:36,819 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,820 New socket connection received
2024-10-15 10:21:36,820  on '/root/.xpra/iqlr8vm-14500'
2024-10-15 10:21:36,820 socktype=socket, encryption=None, keyfile=None
2024-10-15 10:21:36,822 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '19aa4428247b43df81e0ebc94ada724a'}, socket socket:/root/.xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,822 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,822 all 0 authentication modules passed
2024-10-15 10:21:36,822 make_authenticators('socket', {'uuid': 'badfe5a29a292c3c6db1b3da3ad69475b55db97f18c2a19e6c8440065ad56ecf', 'session-id': '7154be9e75d444f7814ba24f64812c92'}, socket socket:/root/.xpra/iqlr8vm-14500) socket options={}
2024-10-15 10:21:36,822 processing authentication with (), remaining=(), digest_modes=('xor', 'hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b', 'des', 'kerberos', 'gss', 'u2f'), salt_digest_modes=('hmac+sha512', 'hmac+sha3_512', 'hmac+sha3_384', 'hmac+sha3_256', 'hmac+sha3_224', 'hmac+sha384', 'hmac+sha256', 'hmac+sha224', 'hmac+blake2s', 'hmac+blake2b')
2024-10-15 10:21:36,822 all 0 authentication modules passed

Additional info

Additionally, I had to manually change the cert and key directory in /usr/lib/systemd/system/xpra.service because the default installation does not reflect the new directory /etc/xpra/ssl/.... Proxy still not working because of a socket issue, but I will investigate and possibly open another ticket for that if necessary.

thanks!

Xpra-org / xpra

[XPRA 6.2.0] - Unable to login using HTML5 client or proxy #4392