There is also the possibility that was discussed awhile ago that seems
to be at a pause currently about establishing VPN connections between
each workstation and the application server in order to securely request
services (XDMCP sessions, NFS mountpoints, etc.). In this scenario (as
with SSH tunneling services as well), the issue becomes how to securely
store/manage the keys for the encrypted tunnel connection(s). Ex: flash
disk in each thin-client to store the VPN certificates. But then
concerns about theft, etc. become issues as well. It all depends on how
secure you want to be, I suppose.
Hans Ekbrand wrote:
>On Thu, Apr 25, 2002 at 06:43:23AM -0600, [EMAIL PROTECTED] wrote:
>
>>Hello.
>>Im setting up an ltsp env. for test purposes, in a large company.
>>The question is, is it possible to encrypt the traffic between the terminal
>>and the server? how is the traffic handled, and what about sniffers?
>>this is an important question for the company, and if it is possible, I need
>>to know how it's done.
>>
>
>Possible to some extend, but involves some work. Using switches rather
>than hubs eliminates the sniffer problem, and improves performance
>greatly.
>
>If that level of security does not satisfy the company there are other
>measures. The following comes to my mind, but there must be other
>alternatives too.
>
>XDMCP is insecure by nature since it cannot be tunneled over
>SSH. As I understand it you could use VNC instead, which can be
>tunneled over SSH.
>
>Or, you could have local apps setup to run ssh, and run the
>windowmanager and all other x-clients at the LTSP server, tunneled
>over SSH.
>
--
Jason A. Pattie
[EMAIL PROTECTED]
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
