On Thu, Mar 07, 2002 at 10:19:52AM -0600, Jason A. Pattie wrote: > John Cuzzola wrote: > > >*** A possible solution may be to create a VPN(IPSEC) betweeen the client > >and the server. Allow the home directory to be mounted only through the > >VPN. > > > A very good solution and one that is not too hefty to implement. > However, how to you store "securely" the secret keys for each > workstation?
That would not be necessary. The workstations never mounts /home (unless we are speaking of local apps here, but that is another story). So only the LTSP servers need to be involved in the VPN/secret-key thingy. AFS or Samba has been suggested as superior alternatives to NFS and NFS over VPN sounds more difficult to implement, though I haven't tried any of them. -- Hans Ekbrand
msg03615/pgp00000.pgp
Description: PGP signature