On 2008-01-11 15:24:11 +0100 Rob Owens <[EMAIL PROTECTED]> wrote: > Frank Cox wrote: >> On Tue, 08 Jan 2008 07:25:58 -0500 >> Rob Owens <[EMAIL PROTECTED]> wrote: >> >>> I'm trying to set up LTSP 5 on a server that allows ssh access from >>> the >>> internet, and as such I disallow password authentication. This >>> seems to >>> conflict with LTSP 5, though. Is it possible to authenticate by >>> means >>> other than ssh? >> >> I use LTSP 4.2 ,disallow password authentication via SSH and >> restrict the >> IP addresses from which you can get a SSH connection, and have never >> had a >> problem. Is this something new or different with version 5? >> >> You can use your /etc/hosts.allow and /etc/hosts.deny files to >> selectively >> allow certain addresses to use SSH (and other services). You can >> also >> specify >> allowed users in /etc/ssh/sshd_config >> > I've been using LTSP 4.2 and am trying out LTSP 5. It is different, > because (if I understand it correctly) all traffic goes through ssh. > There is an option to eliminate the encrypting (through ssh) of all > traffic, but my understanding is that it still uses ssh for > authentication. > > In my case I want the same user to be able to log in locally, on a > terminal, or from the internet via ssh (text mode). Password > authentication would be ok for local and terminal logins, but not for > internet logins.
You don't need to enable/disable something to allow users to log in from the internet with password authentification. If you need something more secure, you can configure ssh options on each ethernet cards (AFAIK). To avoid misconfiguration, the better and simler would be to launch a second ssh sessions for internet access, on a dedicated ethernet card. Xavier ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
