Re: Diskless and Kerberos

[Petter Reinholdtsen]

[Giorgio Pioda]
> Well, if an alien machine sniff it, the attacker is well blocked at
> level of user auth. In principle machine auth is not so important as
> user auth since we are protecting homedirs and not services.

Yes, the home directory mount would be easier if only the user auth was
needed.  Note that there is no need to sniff the keytab file.  All an
attacker would need to do was to mount the LTSP root and read the file.

> In itself, it would be rather easy to use ssh-fuse homedir mounts
> instead of kerberized NFS obtaining a good protections of users
> data. But in that case the disadvantage would be to loose the single
> sign on and a substantial reduction in data transmission speed.

Except that ssh-fuse is not usable as a home directory.  rename is not
atomic, and umask is not properly handled.  Both can cause problems. :)
-- 
Happy hacking
Petter Reinholdtsen


-- 
To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2fl4nr237yu@diskless.uio.no

Content and translation status for the debian-edu-squeeze manual

[Holger Levsen]

The (translated) debian-edu-squeeze manual as PDF or HTML is available at 
http://maintainer.skolelinux.org/debian-edu-doc/

To understand this mail better, please read 
/usr/share/doc/debian-edu-doc/README.
This mail is automatically send by a cronjob run by Holger Levsen every two 
weeks. Please send feedback, suggestions, flames and cookies via this list.

debian-edu-squeeze-manual.da.po: 1335 translated messages, 6 fuzzy translations.
debian-edu-squeeze-manual.de.po: 1341 translated messages.
debian-edu-squeeze-manual.es.po: 329 translated messages, 439 fuzzy 
translations, 573 untranslated messages.
debian-edu-squeeze-manual.fr.po: 1335 translated messages, 6 fuzzy translations.
debian-edu-squeeze-manual.it.po: 1335 translated messages, 6 fuzzy translations.
debian-edu-squeeze-manual.nb.po: 388 translated messages, 551 fuzzy 
translations, 402 untranslated messages.
debian-edu-squeeze-manual.zh.po: 22 translated messages, 194 fuzzy 
translations, 1125 untranslated messages.
--
http://wiki.debian.org/DebianEdu/Documentation/Squeeze//Installation
FIXME Check these numbers for Squeeze.  They are 2012-01-22 for Lenny. 
--
http://wiki.debian.org/DebianEdu/Documentation/Squeeze//HowTo/NetworkClients
FIXME: would it be better to explain user groups in Windows first with GOsa², 
and then with an example for the command line? 
FIXME explain how to use profiles from global policies for Windows machines in 
the skolelinux network 
FIXME: describe roaming profile key for the global policy editor here 

5 FIXMEs left to fix



-- 
To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1sysci-0006df...@ravel.debian.org