On Tue, May 14, 2002 at 11:42:47AM -0400, Julius Szelagiewicz wrote: > Patrice, > you are right about the "man in the middle" attack. my take on the > whole discussion is that we are trying prevent people from sniffing > passwords. ssh *would* work great for it, if the software loaded into the
Of course, I understand that (the lts_ssh package I did is specifically aimed at that, prevent people from sniffing passwords and datas). > workstation was capable of encrypting the password with a public key. we > are looking at a change in the ltsp kernel (or possibly additional module) > and a change in the login program to use ssh decryption to get the > password. julius There is something I don't understand. Is the login you're speaking about the XDMCP login or a console (or maybe graphical) login at the workstation ? If you agree with console login, maybe there is allready a solution: 1) One possibility would be to use vnc. ssh would be used for authentication, but vnc wouldn't be tunneled (you may allready do that with my lts_ssh package). 2) you can use ssh to do the authentication, get the users .Xauthority, and afterwards launch X with the cookie based authentication. Is it what you want ? Pat _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.openprojects.net