[KLUG Members] Secure X terminals
Dirk Bartley
bartleyd2 at chartermi.net
Sun Jul 24 18:18:41 EDT 2005
On Sat, 2005-07-23 at 22:55 -0400, Jason Edward Durrett wrote:
> I am looking for a way to secure the traffic between X terminals and a
> server on a lan.
>
> Using ssh -X server and then startkde, for example, works just fine
> except that it is a lot of steps. I am looking for a solution that
> would allow the user to sit down and put in their username and password
> and then get a desktop.
>
> For the x terminals I use now XDMCP works great with the exception that
> the traffic could be sniffed by something on the wires.
>
> Does anyone have any hints about wrapping XDMCP through ssl or
> something similar?
>
> One thing I have thought about is putting each users ssh key on every
> terminal and then scripting a login to the server - this will work but
> I imagine that the administration on this setup - removing users and
> adding users - will be quite intense down the road.
>
> Any ideas? hints? keywords I can google?
X as a protocol is unsecure. I have never heard of or searched for a
way to secure x. My users of ltsp terminals use a text based program
and never fire up X. They log in through ssh.
You could always have X servers have two nics and x terminals on a
separate lan for physical security, but I recognize that as not being a
complete solution.
I'd join the LTSP list and ask the question. Lots of traffic but good
trafic.
Dirk
>
> Thanks,
>
> jason
>
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
>
More information about the Members
mailing list