From: "Jeff Roberts" <[EMAIL PROTECTED]>
> It works much better with linux. I have used on connections
> as slow as 64k
> with almost no performance hit(with compression set to the highest).
> I use it to get to all my ltsp servers from my laptop
> (windows) and from my linux desktop.
> I would use it to get to them from home, but I'm not sure
> how good of an
> idea it is from a security standpoint (Probably no worse than
> my windows
> terminal server having the ica ports open to the internet).
Do you have a SSH capability, either through the firewall or
into the bastion host? Recent TightVNC versions under Linux
have the command line option "-tunnel" that will use SSH to
get a secure link to the target machine, then push all the
VNC traffic (including login) through that secure link.
The option "-via" does the same thing, except that the
machine accepting the SSH connection need not be the one
that you want to access the display on. With full PKI
key security under SSH, I routinely do the following:
ssh-add ~/.ssh/magic-key
[answer the passphrase prompt]
vnc -via linuxfirewall.company.com windowshost.internalnetwork:0
Given that VNC is inherently an insecure method, some people
suggest that all hosts should have their VNC ports blocked
and only accept VNC sessions from the loopback interface.
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
