On Thu, Apr 25, 2002 at 09:51:45AM -0500, Jason A. Pattie wrote: > There is also the possibility that was discussed awhile ago that seems > to be at a pause currently about establishing VPN connections between > each workstation and the application server in order to securely request > services (XDMCP sessions, NFS mountpoints, etc.). In this scenario (as > with SSH tunneling services as well), the issue becomes how to securely > store/manage the keys for the encrypted tunnel connection(s). Ex: flash > disk in each thin-client to store the VPN certificates. But then > concerns about theft, etc. become issues as well. It all depends on how > secure you want to be, I suppose.
If you are really paranoid, a setup with passphrases on the secret keys would reduce the damage of a theft, but to me this seems far fetched to say the least. This VPN thing, is it not rather CPU intensive? Would it not rule out the use of low-end terminals? Does anyone know how it perform in comparision to X forwarding over SSH? -- Hans Ekbrand
msg04732/pgp00000.pgp
Description: PGP signature
