On Fri, Oct 2, 2009 at 4:40 PM, Vagrant Cascadian <vagr...@freegeek.org> wrote:
> essentially, it completely compromises the security of ssh. ssh and other > public-key encryption relies on the fact that the secret key is actually > secret. exporting those secret keys over insecure protocols such as NBD and > NFS > compromise that. Are you saying that anybody with network access could get those keys over NBD or NFS? Would they need shell access on a PXE-booted machine, or would it suffice to use any network-connected machine with NFS or NBD ability? Personally I don't see this a a significant risk in my environment, nor do I see much at stake if somebody did gain ssh access to my thin clients. Nevertheless, I would like to better understand the risk for future reference, and I think it bears elucidating for ltsp users in general. db ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net