[KLUG Members] Secure X terminals

[Dirk Bartley]

On Sat, 2005-07-23 at 22:55 -0400, Jason Edward Durrett wrote:
> I am looking for a way to secure the traffic between X terminals and a 
> server on a lan.
> 
> Using ssh -X server and then startkde, for example,  works just fine 
> except that it is a lot of steps.  I am looking for a solution that 
> would allow the user to sit down and put in their username and password 
> and then get a desktop.
> 
> For the x terminals I use now XDMCP works great with the exception that 
> the traffic could be sniffed by something on the wires.
> 
> Does anyone have any hints about wrapping XDMCP through ssl or 
> something similar?
> 
> One thing I have thought about is putting each users ssh key on every 
> terminal and then scripting a login to the server - this will work but 
> I imagine that the administration on this setup - removing users and 
> adding users - will be quite intense down the road.
> 
> Any ideas? hints?  keywords I can google?

X as a protocol is unsecure.  I have never heard of or searched for a
way to secure x.  My users of ltsp terminals use a text based program
and never fire up X.  They log in through ssh.

You could always have X servers have two nics and x terminals on a
separate lan for physical security, but I recognize that as not being a
complete solution.

I'd join the LTSP list and ask the question.  Lots of traffic but good
trafic.

Dirk
> 
> Thanks,
> 
> jason
> 
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
>