On Fri, Oct 12, 2012 at 8:56 AM, RĂ¼diger Kupper <k...@kg-fds.de> wrote: > That's the way we are doing it. For this to work, you need to install > the ssh server in the client chroot, set up a root account und list > root's ssh fingerprint in the authorized-keys file.
Here are some helpful bits for accomplishing the above: # Generate ssh keys for client management ssh-keygen -q -N "" -f /root/.ssh/id_rsa # Copy those keys to the client chroot chmod 600 /root/.ssh/id_rsa.pub mkdir -m 700 /opt/ltsp/$ARCH/root/.ssh/ cp /root/.ssh/id_rsa.pub /opt/ltsp/$ARCH/root/.ssh/authorized_keys # Suppress meaningless host key messages in ssh client # Note that this does not reduce security when connecting to thin clients, but could compromise # security when connecting to other ssh servers, as it defeats host key checking echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config echo "UserKnownHostsFile=/dev/null" >> /etc/ssh/ssh_config db ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
