Re: [Ltsp-discuss] Stunnel and encrypted traffic

Tue, 14 May 2002 12:08:22 -0700 

Patrice,
        your number 2 solution should work, provided that the workstation
can *locally* encrypt the traffic with a public key. julius

On Tue, 14 May 2002, Patrice DUMAS - DOCT wrote:

> On Tue, May 14, 2002 at 11:42:47AM -0400, Julius Szelagiewicz wrote:
> > Patrice,
> >     you are right about the "man in the middle" attack. my take on the
> > whole discussion is that we are trying prevent people from sniffing
> > passwords. ssh *would* work great for it, if the software loaded into the
>
> Of course, I understand that (the lts_ssh package I did is specifically aimed
> at that, prevent people from sniffing passwords and datas).
>
> > workstation was capable of encrypting the password with a public key. we
> > are looking at a change in the ltsp kernel (or possibly additional module)
> > and a change in the login program to use ssh decryption to get the
> > password. julius
>
> There is something I don't understand. Is the login you're speaking about the
> XDMCP login or a console (or maybe graphical) login at the workstation ?
>
> If you agree with console login, maybe there is allready a solution:
>
> 1) One possibility would be to use vnc. ssh would be used for authentication,
> but vnc wouldn't be tunneled (you may allready do that with my lts_ssh
> package).
>
> 2) you can use ssh to do the authentication, get the users .Xauthority,
> and afterwards launch X with the cookie based authentication.
>
> Is it what you want ?
>
> Pat
>
> _______________________________________________________________
>
> Have big pipes? SourceForge.net is looking for download mirrors. We supply
> the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
> _____________________________________________________________________
> Ltsp-discuss mailing list.   To un-subscribe, or change prefs, goto:
>       https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
> For additional LTSP help,   try #ltsp channel on irc.openprojects.net
>
>


_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_____________________________________________________________________
Ltsp-discuss mailing list.   To un-subscribe, or change prefs, goto:
      https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help,   try #ltsp channel on irc.openprojects.net

Reply via email to