I would agree Warren , I have now a working and used test setup with 10 Terminals connected to Fedora 8/LTSP5 in a Primary School, sound and video is in heavy use, with LDM_DIRECTX=yes enabled the terminals are more responsive. I would expect if one wanted more security then having an option to set it is more logical, than removing it. <div class="gmail_quote">2008/7/3 Warren Togami <<a href="mailto:wtogami@redhat.com">wtogami@redhat.com</a>>: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">The current default of LTSP5 is to tunnel *everything* from the ldm login session through an ssh tunnel. This increases security a lot, but decreases usability of the default configuration since it scales very poorly. For example, a server that might be able to handle 40 clients with LDM_DIRECTX=yes might handle only ten with everything through the ssh tunnel. (These are made up numbers.) If lts.conf has LDM_DIRECTX=yes, then the login and password is encrypted by ssh, but X is unencrypted over the network. This makes the desktop performance a little better, but more importantly it allows the LTSP server to scale to a similar number of simultaneous clients as the old XDMCP-based LTSP4.2. This is bad for security, but if our goal is to have something usable out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we should do it? How do people feel about this? Warren Togami <a href="mailto:wtogami@redhat.com" target="_blank">wtogami@redhat.com</a> _______________________________________________ K12Linux-devel-list mailing list <a href="mailto:K12Linux-devel-list@redhat.com" target="_blank">K12Linux-devel-list@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/k12linux-devel-list" target="_blank">https://www.redhat.com/mailman/listinfo/k12linux-devel-list</a> </blockquote></div>