-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 30-08-2004 20:18, Ragnar Wisloff wrote: | Petter Reinholdtsen skrev: | |> [Hilaire] |> |> |>> There is a ltsp-floppyd package for Skolelinux to help for the set |>> up. |>> Not sure it is included in the cd-rom however, but it is in the |>> Skolelinux apt repository. |>> |> |> |> It is included on the CD, but not installed by default. I believe |> Ragnar have a reason for not installing it by default, but have |> forgotten the arguments. |> | | My arguments are mostly security based. | | There is no way to authenticate users when accessing local devices on | the thin clients using the floppyd method. This means that the floppy is | open for reading and writing by anybody on any machine. By all means, | install the package, but be aware of the security risks involved.
Would it make sense with a Kerberos-enabled floppyd, when (or if) Skolelinux switches to using Kerberos?
Any method of authentication. I am not at all confident it is a simple task to enable that, though. LDAP would probably be a good choice.
As I understand Kerberos, the core logic is to authenticate _both_ user and service against a third party (the ticket server). So even services on a thin client should be able to trust if done properly, right?
Don't know.
| In addition, Konqueror's floppy:/ kio is not very reliable.
What has that to do with it (I am honestly interested for other reasons: I have recently poked with getting KDE3.3 to work sanely with autofs4, and is curious if there's a better way).
It has nothing to do with security. It is a practical consideration. If it is known not to work, then I don't think it is wise to use it.
-- Med vennlig hilsen Ragnar Wisl�ff ------------- Life is a reach. Then you gybe.

