Denis Cardon wrote: > Hi Rob, > >>>> I'm trying to set up LTSP 5 on a server that allows ssh access from >>>> the internet, and as such I disallow password authentication. This >>>> seems to conflict with LTSP 5, though. Is it possible to >>>> authenticate by means other than ssh? >>> I use LTSP 4.2 ,disallow password authentication via SSH and restrict >>> the >>> IP addresses from which you can get a SSH connection, and have never >>> had a >>> problem. Is this something new or different with version 5? >>> >>> You can use your /etc/hosts.allow and /etc/hosts.deny files to >>> selectively >>> allow certain addresses to use SSH (and other services). You can >>> also specify >>> allowed users in /etc/ssh/sshd_config >>> >> I've been using LTSP 4.2 and am trying out LTSP 5. It is different, >> because (if I understand it correctly) all traffic goes through ssh. >> There is an option to eliminate the encrypting (through ssh) of all >> traffic, but my understanding is that it still uses ssh for >> authentication. >> >> In my case I want the same user to be able to log in locally, on a >> terminal, or from the internet via ssh (text mode). Password >> authentication would be ok for local and terminal logins, but not for >> internet logins. >> >> I'll probably have to adjust my router to send internet-based ssh >> requests to a different server, but I was hoping not to. > > LTSP 5 standard install uses ssh to tunnel traffic from ltsp client to > the ltsp server (X protocol itself is not encrypted). The login prompt > is not anymore a standard DM called through XDMCP, but a custom made DM > called LDM (local display manager). > > Although, with some quick twicking you can easily go back to the > standard X/XDMCP way and forget about SSH. This way you'll be able to > configure your ssh server the way you want. > I assume this would involve enabling LDM_DIRECTX and XDMCP. If there's anything I'm missing, I guess I'll find out...
Thanks -Rob ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
