LDM_DIRECTX=yes by default?
nadavkav at gmail.com
Fri Jul 4 07:56:08 UTC 2008
we do not care for security :-) it is better we get usable interface that
can show videos and sound than have the X session encrypted ??? so kids in
school feel safe ? i do not understand why implement this feature in the
first place ?
2008/7/4 Andrew Osborne <amposborne at googlemail.com>:
> I would agree Warren , I have now a working and used test setup with 10
> Terminals connected to Fedora 8/LTSP5 in a Primary School, sound and video
> is in heavy use, with LDM_DIRECTX=yes enabled the terminals are more
> I would expect if one wanted more security then having an option to set it
> is more logical, than removing it.
> 2008/7/3 Warren Togami <wtogami at redhat.com>:
> The current default of LTSP5 is to tunnel *everything* from the ldm login
>> session through an ssh tunnel. This increases security a lot, but decreases
>> usability of the default configuration since it scales very poorly. For
>> example, a server that might be able to handle 40 clients with
>> LDM_DIRECTX=yes might handle only ten with everything through the ssh
>> tunnel. (These are made up numbers.)
>> If lts.conf has LDM_DIRECTX=yes, then the login and password is encrypted
>> by ssh, but X is unencrypted over the network. This makes the desktop
>> performance a little better, but more importantly it allows the LTSP server
>> to scale to a similar number of simultaneous clients as the old XDMCP-based
>> This is bad for security, but if our goal is to have something usable
>> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
>> should do it?
>> How do people feel about this?
>> Warren Togami
>> wtogami at redhat.com
>> K12Linux-devel-list mailing list
>> K12Linux-devel-list at redhat.com
> K12Linux-devel-list mailing list
> K12Linux-devel-list at redhat.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the K12Linux-devel-list