[K12OSN] LTSP 5/code to bypass encryption of X
Jim Kronebusch
jim at winonacotter.org
Fri Jun 22 19:44:49 UTC 2007
On Fri, 22 Jun 2007 15:20:58 -0400, Gideon Romm wrote
> Just to add a few notes (sorry I dont keep up with the list as much as I
> used to):
>
> The autologin features with that revised ldm work like this:
>
> 1. 'REAL' USERS:
> a. You can specify a username with LDM_USERNAME=bob (where the
> username is "bob"). (of course, you probably want to put this in a
> specified workstation section, so that all of your thin clients don't
> login as 'bob'. ;)
> b. You can then specify bob's password with LDM_PASSWORD=password
> 2. 'GUEST' USERS:
> a. LDM_USERNAME supports the use of executing a command to return the
> username. So, you can create a bunch of user accounts on your server
> where the username is the hostname of the thin client. Then, put in the
> [Default] section, LDM_USERNAME="hostname|" (Note the pipe (|) at the
> end). This tells it to execute the hostname command on the client and
> use the result for the username.
> b. create a common password for all users and set
> LDM_PASSWORD=password OR create an ssh key pair, and put the private
> key in /opt/ltsp/i386/root/.ssh/id_dsa and the public key somehwere on
> the server, say /etc/ssh/id_dsa.pub. and then, in every user account,
> create a symlink between /home/<user>/.ssh/authorized_keys
> -> /etc/ssh/id_dsa.pub
>
> NOTE: autologin is by definition insecure. Be careful when you use it.
> I just hope this patch his useful to those who do not care about
> security for certain systems.
>
> -Gadi
Thanks for the extra info Gadi. I can post this to the users on the edubuntu list as well.
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
More information about the K12OSN
mailing list