LDM_DIRECTX=yes by default?

Eric Harrison eharrison at mesd.k12.or.us
Thu Jul 3 20:23:23 UTC 2008

I vote for LDM_DIRECTX=yes and note it in the docs & add a comment in
the config file.


On 7/3/08, Warren Togami <wtogami at redhat.com> wrote:
> The current default of LTSP5 is to tunnel *everything* from the ldm
> login session through an ssh tunnel.  This increases security a lot, but
> decreases usability of the default configuration since it scales very
> poorly.  For example, a server that might be able to handle 40 clients
> with LDM_DIRECTX=yes might handle only ten with everything through the
> ssh tunnel.  (These are made up numbers.)
> If lts.conf has LDM_DIRECTX=yes, then the login and password is
> encrypted by ssh, but X is unencrypted over the network.  This makes the
> desktop performance a little better, but more importantly it allows the
> LTSP server to scale to a similar number of simultaneous clients as the
> old XDMCP-based LTSP4.2.
> This is bad for security, but if our goal is to have something usable
> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
> should do it?
> How do people feel about this?
> Warren Togami
> wtogami at redhat.com
> _______________________________________________
> K12Linux-devel-list mailing list
> K12Linux-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/k12linux-devel-list

Eric Harrison
Technology Services
Multnomah Education Service District
(503)257-1554    cell: (971)998-6249

More information about the K12Linux-devel-list mailing list