On Tue, Jul 03, 2007 at 10:34:54PM +0200, Petter Reinholdtsen wrote: > [Holger Levsen] > > But if I use ssh in that session, the password goes over the wire in > > clear text? > > Yes. This patch tell programs to use the normal $DISPLAY TCP > connection to the server. I'm not convinced it is complete, though, > as the xauth cookie need to be passed on to the users ~/.Xauthority > file, and the X server need to be told to listen on the TCP socket as > well as the unix socket in /tmp/.
i tested the patch, and it needed no modification, aside from enabling it in lts.conf: LDM_DIRECTX=True works as intended, as best i can tell. > The problem is that some schools are not willing to sacrifise > performance for security, and they will either set up XDMCP manually > or use K12LTSP or Edubuntu and enable LDM without encrypted sessions. > I suspect we are better of by providing an easily alternative to > enable. indeed. this is the motivation behind it- to attempt to give a security/performance trade-off, while still keeping all of the features that come with LDM. local devices and sound support, namely. > > Also I am not soo comfortable with such changes at this point of > > time. We have never formally frozen etch-test, to only allow > > bugfixes in, but I'm thinking maybe we should do so. (And please go > > ahead with this change now, but maybe this could be the last? well, i've tested it personally, and it appears to work, so i uploaded a new ltsp package and it awaits your fine testing skills in etch-test. :) live well, vagrant -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
