Thank you for all your responses thus far. -----Original Message----- From: Mick [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 13, 2006 5:59 PM To: vnc-list@realvnc.com Cc: Anne Gorham Subject: Re: VNC and security issues at a university
On Wednesday 13 December 2006 22:07, Anne Gorham wrote: >> What I am trying to do is enable students to access a Sun Solaris computer >> from either a Linux computer or an XP PC. On that Sun, students store >> instrument analyses, and often want to process this data from their own >> computers or from workstations in the lab. >I assume that the "instrument analyses" are data files? To be exact, these data files are .fid files from an NMR superconducting magnet. >> What I am concerned with is security. I was going to have the students open >> a secure shell (SSH) window, connect to the Sun, and start a vncserver >> session. Once that is done, launch their viewer and get to work. After they >> are done, they'll close the viewer and then kill the session. >Do they need/have to run a VNC viewer session? Can't they just donwload >the >data files using e.g. ftp, work on these locally at their PC's, or at a >remote college workstation and then upload the modified data back to the >server? The software that works up these .fid files is proprietary and can only be installed on a few Sun computers due to licensing (the company is very picky about this). So, if the students want to further process their data, they must use that computer with that software. >> Do I need to do anything else to safeguard and/or streamline this >>process? >If you are going to give them shell access I hope that this is on a >strictly >locked down server user account with minimal access rights (both in terms >of >commands/binaries and in terms of directories). Unless they *must* run >applications on the server I would shy away from letting anyone loose on >it. >By the way, on a Solaris I would recommend running FreeNX >http://freenx.berlios.de/info.php or NoMachine NX >http://www.nomachine.com/products.php which is significantly faster than >VNC >and has free clients for Linux & MSWindows. -- >Regards, >Mick The students have their own personal accounts on the Sun computer, and when they SSH to the computer, that is the account they would be logging into and starting the VNCServer from. Anne _______________________________________________ VNC-List mailing list VNC-List@realvnc.com To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list