On Friday 17 October 2008 01:47:37 [EMAIL PROTECTED] wrote: > > > > Personally I don't see the benefit to have an additional SSH server > > > > by default running... if your network isn't firewalled, you've got a > > > > lot more to worry about than an open SSH port. It's common network > > > > administration practice to have a firewall in place - and who gives > > > > their LTSP server a public IP address, anyway? > > > > > > My ltsp server is firewalled _and_ I need to access it via ssh on the > > > internet. Therefore it makes perfect sense to have a daemon on a > > > firewalled port taking connections from the tc, and a second daemon on > > > a NATed port accepting connections from whitelisted administrators > > > > I've resisted adding my $.02 three times in this digest, finally succomed > > :-) > > > > Security through complexity is dumb and ends up biting you: > > > > My server is on a 192.168. From the WORLD it is only available via a non > > standard port, internally 22 and ltsp is bog standard. > > > > Port forwarding done by a Dlink 604T, cost 1 hour labour. > > Me too--server runs single sshd on port 22, router forwards nonstandard > port to port 22 on server.
As previous digest-mail said ssh on 2 ports is trivial (why messy :-) Dlink will NOT forward 1234 to 22 AND 5678 to 22 on another machine So LTSP runs ssh on 1234 and 22 AnotherServer runs ssh on 5678 and 22 YetAnother runs ssh on 4567 and 22 Dlink forwards 1234 to LTSP server Dlink forwards 5678 to AnotherServer Dlink forwards 4567 to YetAnother No machine runs a firewall: A firewall closes ports, here nothing is open except the port forwards to each machine Simple, secure and easy to do. James > > So if you are playing, then a really scrappy implementation like this is > > fun to do, but for real systems KISS (Keep It Simple ...) ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
