Xavier Brochard wrote: > On 2008-01-11 15:24:11 +0100 Rob Owens <[EMAIL PROTECTED]> > wrote: >> Frank Cox wrote: >>> On Tue, 08 Jan 2008 07:25:58 -0500 >>> Rob Owens <[EMAIL PROTECTED]> wrote: >>> >>>> I'm trying to set up LTSP 5 on a server that allows ssh access from >>>> the >>>> internet, and as such I disallow password authentication. This >>>> seems to >>>> conflict with LTSP 5, though. Is it possible to authenticate by >>>> means >>>> other than ssh? >>> I use LTSP 4.2 ,disallow password authentication via SSH and >>> restrict the >>> IP addresses from which you can get a SSH connection, and have never >>> had a >>> problem. Is this something new or different with version 5? >>> >>> You can use your /etc/hosts.allow and /etc/hosts.deny files to >>> selectively >>> allow certain addresses to use SSH (and other services). You can >>> also >>> specify >>> allowed users in /etc/ssh/sshd_config >>> >> I've been using LTSP 4.2 and am trying out LTSP 5. It is different, >> because (if I understand it correctly) all traffic goes through ssh. >> There is an option to eliminate the encrypting (through ssh) of all >> traffic, but my understanding is that it still uses ssh for >> authentication. >> >> In my case I want the same user to be able to log in locally, on a >> terminal, or from the internet via ssh (text mode). Password >> authentication would be ok for local and terminal logins, but not for >> internet logins. > > You don't need to enable/disable something to allow users to log in > from the internet with password authentification. > If you need something more secure, you can configure ssh options on > each ethernet cards (AFAIK). > To avoid misconfiguration, the better and simler would be to launch a > second ssh sessions for internet access, on a dedicated ethernet card. > Thanks for the advice. I'll look into this.
-Rob ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
