Jason,
i just don't see how usb key can be made secure. to stop sniffing
attack, the kernel loaded into terminal would have to be able to encrypt
traffic from the keyboard and decrypt traffic from the server. on the
other hand, i've seen a little keyboard port dongle that records all the
keystrokes ....
julius
On Mon, 23 Sep 2002, Jason A. Pattie wrote:
> Julius Szelagiewicz wrote:
>
> >Tim,
> > LTSP is inherently vulnerable to network sniffing. as long as
> >information travels in plain text over the network, it can be easily
> >intercepted. the usb keys are fine, but don't offer real security - they
> >can be duplicated with ease. Our only home is that Jim McQ. will have
> >enough free time to implement fully ssh encrypted workstation - server
> >
> You would really need to have an IPSec tunnel between the workstations
> and the server to incorporate all possible traffic types for the
> workstations. If you can get the "key" situation worked out securely,
> then you can implement either SSH or IPSec for the workstations.
>
> >traffic from the moment when login process receives user name. julius
> >
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
