LDM_DIRECTX=yes by default?
Nadav Kavalerchik
nadavkav at gmail.com
Fri Jul 4 07:56:08 UTC 2008
we do not care for security :-) it is better we get usable interface that
can show videos and sound than have the X session encrypted ??? so kids in
school feel safe ? i do not understand why implement this feature in the
first place ?
2008/7/4 Andrew Osborne <amposborne at googlemail.com>:
> I would agree Warren , I have now a working and used test setup with 10
> Terminals connected to Fedora 8/LTSP5 in a Primary School, sound and video
> is in heavy use, with LDM_DIRECTX=yes enabled the terminals are more
> responsive.
>
> I would expect if one wanted more security then having an option to set it
> is more logical, than removing it.
>
>
>
> 2008/7/3 Warren Togami <wtogami at redhat.com>:
>
> The current default of LTSP5 is to tunnel *everything* from the ldm login
>> session through an ssh tunnel. This increases security a lot, but decreases
>> usability of the default configuration since it scales very poorly. For
>> example, a server that might be able to handle 40 clients with
>> LDM_DIRECTX=yes might handle only ten with everything through the ssh
>> tunnel. (These are made up numbers.)
>>
>> If lts.conf has LDM_DIRECTX=yes, then the login and password is encrypted
>> by ssh, but X is unencrypted over the network. This makes the desktop
>> performance a little better, but more importantly it allows the LTSP server
>> to scale to a similar number of simultaneous clients as the old XDMCP-based
>> LTSP4.2.
>>
>> This is bad for security, but if our goal is to have something usable
>> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
>> should do it?
>>
>> How do people feel about this?
>>
>> Warren Togami
>> wtogami at redhat.com
>>
>> _______________________________________________
>> K12Linux-devel-list mailing list
>> K12Linux-devel-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12linux-devel-list
>>
>
>
> _______________________________________________
> K12Linux-devel-list mailing list
> K12Linux-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/k12linux-devel-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12linux-devel-list/attachments/20080704/a05ab7eb/attachment.htm>
More information about the K12Linux-devel-list
mailing list