LDM_DIRECTX=yes by default?
Andrew Osborne
amposborne at googlemail.com
Thu Jul 3 22:56:30 UTC 2008
I would agree Warren , I have now a working and used test setup with 10
Terminals connected to Fedora 8/LTSP5 in a Primary School, sound and video
is in heavy use, with LDM_DIRECTX=yes enabled the terminals are more
responsive.
I would expect if one wanted more security then having an option to set it
is more logical, than removing it.
2008/7/3 Warren Togami <wtogami at redhat.com>:
> The current default of LTSP5 is to tunnel *everything* from the ldm login
> session through an ssh tunnel. This increases security a lot, but decreases
> usability of the default configuration since it scales very poorly. For
> example, a server that might be able to handle 40 clients with
> LDM_DIRECTX=yes might handle only ten with everything through the ssh
> tunnel. (These are made up numbers.)
>
> If lts.conf has LDM_DIRECTX=yes, then the login and password is encrypted
> by ssh, but X is unencrypted over the network. This makes the desktop
> performance a little better, but more importantly it allows the LTSP server
> to scale to a similar number of simultaneous clients as the old XDMCP-based
> LTSP4.2.
>
> This is bad for security, but if our goal is to have something usable
> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
> should do it?
>
> How do people feel about this?
>
> Warren Togami
> wtogami at redhat.com
>
> _______________________________________________
> K12Linux-devel-list mailing list
> K12Linux-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/k12linux-devel-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12linux-devel-list/attachments/20080703/461d82c0/attachment.htm>
More information about the K12Linux-devel-list
mailing list