Just a comment regarding LDM - for slightly larger 'corporate' setups we would need forceful password changes, password aging, etc. SSH correctly handles these (through PAM or Kerberos) but LDM does not. I know this may be low priority- but is there a wish list i can add this to? this really prevents me from implementing LDM at slightly 'corporate' locations. I thought of doing this myself but really see no way this can be easily done (unless the thin client does a PAM authenticate first and then ssh)
On Mon, 2007-06-25 at 10:52 -0400, Jim McQuillan wrote: > > Gideon Romm wrote: > > Anthony- > > > > ssh is still used as a communication tunnel between client and server. > > For example, it is used to launch the session, set up sound, trigger > > mounting of local devices, that sort of thing. The only difference is > > that you are not proxying the ssh traffic through ssh, so you eliminate > > I think he meant "not proxying the X traffic through ssh" > > Jim. > > > the overhead of encrypting the video data (the majority of the ssh > > overhead in the secure scenario) and, more importantly for performance, > > you are not proxying the X traffic, but rather directly talking between > > the applications and the xserver. > > > > Cheers, > > > > -Gadi > > > > On Sun, 2007-06-24 at 22:12 -0500, Anthony M Simonelli wrote: > >> I apologize. I tried it again, this time with a fresh setup, and > >> everything worked perfectly. I must have setup things incorrectly on > >> the first attempt because your modified LDM script works beautifully. > >> > >> I am curious, is it just X that's no longer being encrypted over ssh > >> with the new LDM_DIRECTX option or is the entire terminal session no > >> longer using ssh, because I noticed that sshd is still a running > >> process. > >> > >> On Fri, 2007-06-22 at 17:19 -0400, Gideon Romm wrote: > >>> Anthony, > >>> > >>> In LTSP5, gdm is not used at all. You need not enable XDMCP in gdm or > >>> even have gdm installed on the server. If enabling it changed things, > >>> that must mean you have SCREEN_07=startx in your lts.conf. Don't do > >>> that. Take it out. Use ldm. Then, you localdev and everything else > >>> should work. > >>> > >>> -Gadi > >>> > >>> On Thu, 2007-06-21 at 21:53 -0500, Anthony M Simonelli wrote: > >>>> I gave this version of LDM a whirl and was pleasantly surprised. It > >>>> does boot quicker and, after configuring GDM for remote logins, I was > >>>> quickly presented with a login screen. Sound still works, but I notice > >>>> that the USE_XFS and LOCALDEV options in the lts.conf file do not have > >>>> an effect. Local devices aren't critical, but I need access to the XFS > >>>> server since we use IBM's iSeries Access that requires un/scalable > >>>> fonts. > >>>> > >>>> Am I doing something wrong? > >>>> > >>>> On Wed, 2007-06-20 at 09:34 -0500, Jim Kronebusch wrote: > >>>>> Hello all, I met with Gideon Romm at our North Central Linux > >>>>> Symposium. He has been > >>>>> working on modifications to the code for ldm to allow the bypass of X > >>>>> being encrypted > >>>>> over ssh. He has also added functionality to be able to use autologin. > >>>>> You can > >>>>> download the modified ldm from here: > >>>>> > >>>>> http://codebrowse.launchpad.net/~gideon/ltsp/gadi-ldm-mods-ltsp/download/gadi%40ltsp.org-20070521205254-ek710bofdpdtlwlz/x_Matt_Zimmerman_%3Cmatt.zimmerman%40canonical.com%3E_Tue_Jun__7_19%3A59%3A49_2005_32192.0/ldm > >>>>> > >>>>> Replace your current "/opt/ltsp/i386/usr/sbin/ldm" with the new file > >>>>> (you may want to > >>>>> backup your current ldm just to be safe). The in > >>>>> "/opt/ltsp/i386/etc/lts.conf" add the > >>>>> following line: > >>>>> > >>>>> LDM_DIRECTX=True > >>>>> > >>>>> You will now be able to run without X being encrypted, which in theory > >>>>> should allow LTSP > >>>>> 5 to run at the same speed as LTSP 4.2. Bootup times and logout times > >>>>> will still be > >>>>> slower, but once booted things should zoom along. So far my tests show > >>>>> that this works > >>>>> awesome! I am still waiting for my new clients to really give this a > >>>>> go. > >>>>> > >>>>> If you would like to use autologin features you simply need to add the > >>>>> following line to > >>>>> lts.conf: > >>>>> > >>>>> LDM_USERNAME=hostname > >>>>> > >>>>> Apparently this lets you use the same user=workstation method that > >>>>> worked in LTSP 4.2. > >>>>> You will still need to setup ssh keys OR create the same password for > >>>>> each user and > >>>>> specify LDM_PASSWORD="mypassword" (in lts.conf). You also need to > >>>>> specify workstation > >>>>> names in dhcpd.conf so that workstations do not all have the same > >>>>> hostname (I am not > >>>>> sure if this is able to be done with the /etc/hosts file as well). > >>>>> > >>>>> Anyhow this hacked ldm should allow LTSP 5 to finally be usable in > >>>>> larger installations > >>>>> instead of hanging on to LTSP 4.2. Also I guess that Scott Balneaves > >>>>> has rewritten some > >>>>> of the python startup files in C, which should clear up some boot time > >>>>> problems in the > >>>>> next Gutsy release (Scott, sorry if I butchered up what exactly you > >>>>> have been working on). > >>>>> > >>>>> Jim Kronebusch > >>>>> Cotter Tech Department > >>>>> 453-5188 > >>>>> > >>>> > >>>> ------------------------------------------------------------------------- > >>>> This SF.net email is sponsored by DB2 Express > >>>> Download DB2 Express C - the FREE version of DB2 express and take > >>>> control of your XML. No limits. Just data. Click to get it now. > >>>> http://sourceforge.net/powerbar/db2/ > >>>> _____________________________________________________________________ > >>>> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > >>>> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > >>>> For additional LTSP help, try #ltsp channel on irc.freenode.net > >>> -- > >>> -------------------------------------------------------- > >>> Gideon Romm | Proud LTSP Developer > >>> [EMAIL PROTECTED] > >>> > >>> Support LTSP! Buy your hardware at: > >>> > >>> www.DisklessWorkstations.com > >>> www.DisklessThinClients.com > >>> > >>> (use coupon code: LTSP5P for 5% off thin clients from > >>> DisklessThinClients.com) > >>> > >>> > >>> ------------------------------------------------------------------------- > >>> This SF.net email is sponsored by DB2 Express > >>> Download DB2 Express C - the FREE version of DB2 express and take > >>> control of your XML. No limits. Just data. Click to get it now. > >>> http://sourceforge.net/powerbar/db2/ > >>> _____________________________________________________________________ > >>> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > >>> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > >>> For additional LTSP help, try #ltsp channel on irc.freenode.net > >> > >> ------------------------------------------------------------------------- > >> This SF.net email is sponsored by DB2 Express > >> Download DB2 Express C - the FREE version of DB2 express and take > >> control of your XML. No limits. Just data. Click to get it now. > >> http://sourceforge.net/powerbar/db2/ > >> _____________________________________________________________________ > >> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > >> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > >> For additional LTSP help, try #ltsp channel on irc.freenode.net > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _____________________________________________________________________ > Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > For additional LTSP help, try #ltsp channel on irc.freenode.net -- Faraz R Khan CEO, Emergen Consulting Pvt Ltd. +92.21.111.111.320 x200 www.emergen.biz ----------------------------- NOTICE: If received in error, please destroy and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
