On Thu, 7 Mar 2002, Jason A. Pattie wrote:
> John Cuzzola wrote:
>
> >*** A possible solution may be to create a VPN(IPSEC) betweeen the client
> >and the server. Allow the home directory to be mounted only through the
> >VPN.
> >
> A very good solution and one that is not too hefty to implement.
> However, how to you store "securely" the secret keys for each
> workstation? The only way that I can think of a solution for this is to
> have local storage in some form on the thin-client workstation.
>
>
*** And there's the catch. You'll either need some kind of local storage
or a way to transmit the key secretly. I think with any type of security
there is no absolute method but a combination that would frustrate a
would-be hacker. A combination of filtering based on MAC plus VPN/IPSEC
plus key transmitted using PGP or similiar (or better yet a randomized key
based on
clients MAC address) should make it difficult enough to thwart most.
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
