On Tue, May 14, 2002 at 11:42:47AM -0400, Julius Szelagiewicz wrote:
> Patrice,
> you are right about the "man in the middle" attack. my take on the
> whole discussion is that we are trying prevent people from sniffing
> passwords. ssh *would* work great for it, if the software loaded into the
Of course, I understand that (the lts_ssh package I did is specifically aimed
at that, prevent people from sniffing passwords and datas).
> workstation was capable of encrypting the password with a public key. we
> are looking at a change in the ltsp kernel (or possibly additional module)
> and a change in the login program to use ssh decryption to get the
> password. julius
There is something I don't understand. Is the login you're speaking about the
XDMCP login or a console (or maybe graphical) login at the workstation ?
If you agree with console login, maybe there is allready a solution:
1) One possibility would be to use vnc. ssh would be used for authentication,
but vnc wouldn't be tunneled (you may allready do that with my lts_ssh
package).
2) you can use ssh to do the authentication, get the users .Xauthority,
and afterwards launch X with the cookie based authentication.
Is it what you want ?
Pat
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
