On Thursday 16 October 2008 07:19:04 ltsp-discuss- [EMAIL PROTECTED] wrote: > > Personally I don't see the benefit to have an additional SSH server by > > default running... if your network isn't firewalled, you've got a lot > > more to worry about than an open SSH port. It's common network > > administration practice to have a firewall in place - and who gives > > their LTSP server a public IP address, anyway? > > My ltsp server is firewalled _and_ I need to access it via ssh on the > internet. Therefore it makes perfect sense to have a daemon on a > firewalled port taking connections from the tc, and a second daemon on > a NATed port accepting connections from whitelisted administrators
I've resisted adding my $.02 three times in this digest, finally succomed :-) Security through complexity is dumb and ends up biting you: My server is on a 192.168. From the WORLD it is only available via a non standard port, internally 22 and ltsp is bog standard. Port forwarding done by a Dlink 604T, cost 1 hour labour. So if you are playing, then a really scrappy implementation like this is fun to do, but for real systems KISS (Keep It Simple ...) James ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
