A page in your DokuWiki was added or changed. Here are the details:
Date : 2017/10/26 13:15
Browser : Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:56.0) Gecko/20100101
Firefox/56.0
IP-Address : 78.43.91.217
Hostname : HSI-KBW-078-043-091-217.hsi4.kabel-badenwuerttemberg.de
Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1501278478
New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce
Edit Summary: Added new options
User : stefanbaur
@@ -735,8 +735,11 @@
=== These are entirely optional ===
* ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to
HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'',
useful if autodetection for the correct screen size fails, but you do get as
far as seeing the X2Go GUI
*
''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.xorg.conf''
- when a client outright refuses to boot into the graphical X2Go login screen,
but gets stuck at
the console or a black screen instead, yet you can get the GUI to work using a
regular Linux on the same hardware, you can disable the X Server's
autodetection and force it to use the xorg.conf specified here. Note that you
should use a more descriptive name for the file, as described below. Also note
that whoever manages to spoof the server name can inject rogue xorg config
files into your ThinClients. To mitigate this risk, use HTTPS, where the
attacker would have to spoof both server name and matching certificate.
*
''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys''
- Allows you to add an ssh public key file to the ThinClient, so your
administrators can log in remotely using SSH. Note that this file needs to be
chmodded 644, not 600, on the web server. **Attention: Whoever manages to
spoof this server name will have root access to your ThinClients. Using HTTPS
will mitigate this - an attacker would not only have to spoof the
server name, but also the matching certificate.**
+ * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' -
use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace
theblue background theme of the login screen. See below for how to add this file to your
HTTP, HTTPS, or FTP server. Note that whoever manages to spoof the server name can
inject rogue images into your ThinClients. To mitigate this risk, use HTTPS, where the
attacker would have to spoof both server name and matching certificate.
+ *
''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg''
- use this to specify an SVG file to "brand" your X2Go-TCE with. It will
replace the seal icon in the lower left of the login screen. See below for how to add
this file to your HTTP, HTTPS, or FTP server. Note that whoever manages to spoof the
server name can inject rogue images into your ThinClients. To mitigate this risk, use
HTTPS, where the
attacker would have to spoof both server name and matching certificate.
+ * ''session=sessionname'' - use this to specify a session by name that
should be pre-selected on startup. The name must be listed in the sessions file
and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-//
(We suggest naming the default session ''default'' and using
''session=default''.) As of 2017-10-26, this feature is only available in
builds created from the linuxhaus github repository. The official repository
will follow soon.
* ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how
multiple screens are handled (same-as clones the primary screen to all secondary screens,
the other commands will cascade and thus expand the screen). Note that the current
implementation will enforce "same-as" if it detects a touch screen driver
(wacom) and no other pointing device. This is so you won't get stuck being unable to log
off, for example, due to your touch
device being limited to one screen.
* ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this
allows you to specify an LDAP server to connect to - note that this is not
needed for LDAP-based authentication, only when you intend to store entire
session profiles in LDAP. You should really consider using the X2Go Session
Broker instead.
* ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify
the first of up to two LDAP backup servers when using LDAP authentication
* ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication
--
This mail was generated by DokuWiki at
https://wiki.x2go.org/
_______________________________________________
x2go-commits mailing list
[email protected]
https://lists.x2go.org/listinfo/x2go-commits
