LDM_DIRECTX=yes by default?

Andrew Osborne amposborne at googlemail.com
Thu Jul 3 22:56:30 UTC 2008

I would agree Warren , I have now a working and used test setup with 10
Terminals connected to Fedora 8/LTSP5 in a Primary School, sound and video
is in heavy use, with LDM_DIRECTX=yes enabled the terminals are more

I would expect if one wanted more security then having an option to set it
is more logical, than removing it.

2008/7/3 Warren Togami <wtogami at redhat.com>:

> The current default of LTSP5 is to tunnel *everything* from the ldm login
> session through an ssh tunnel.  This increases security a lot, but decreases
> usability of the default configuration since it scales very poorly.  For
> example, a server that might be able to handle 40 clients with
> LDM_DIRECTX=yes might handle only ten with everything through the ssh
> tunnel.  (These are made up numbers.)
> If lts.conf has LDM_DIRECTX=yes, then the login and password is encrypted
> by ssh, but X is unencrypted over the network.  This makes the desktop
> performance a little better, but more importantly it allows the LTSP server
> to scale to a similar number of simultaneous clients as the old XDMCP-based
> LTSP4.2.
> This is bad for security, but if our goal is to have something usable
> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
> should do it?
> How do people feel about this?
> Warren Togami
> wtogami at redhat.com
> _______________________________________________
> K12Linux-devel-list mailing list
> K12Linux-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/k12linux-devel-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12linux-devel-list/attachments/20080703/461d82c0/attachment.htm>

More information about the K12Linux-devel-list mailing list