On Thu, 7 Mar 2002, Jason A. Pattie wrote: > John Cuzzola wrote: > > >*** A possible solution may be to create a VPN(IPSEC) betweeen the client > >and the server. Allow the home directory to be mounted only through the > >VPN. > > > A very good solution and one that is not too hefty to implement. > However, how to you store "securely" the secret keys for each > workstation? The only way that I can think of a solution for this is to > have local storage in some form on the thin-client workstation. > > *** And there's the catch. You'll either need some kind of local storage or a way to transmit the key secretly. I think with any type of security there is no absolute method but a combination that would frustrate a would-be hacker. A combination of filtering based on MAC plus VPN/IPSEC plus key transmitted using PGP or similiar (or better yet a randomized key based on clients MAC address) should make it difficult enough to thwart most.
_____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.openprojects.net