[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] LTSP 5/code to bypass encryption of X



On Fri, 22 Jun 2007 15:20:58 -0400, Gideon Romm wrote
> Just to add a few notes (sorry I dont keep up with the list as much as I
> used to):
> 
> The autologin features with that revised ldm work like this:
> 
> 1.  'REAL' USERS:
>   a.  You can specify a username with LDM_USERNAME=bob  (where the
> username is "bob").  (of course, you probably want to put this in a
> specified workstation section, so that all of your thin clients don't
> login as 'bob'.  ;)
>   b.  You can then specify bob's password with LDM_PASSWORD=password  
> 2.  'GUEST' USERS:
>   a.  LDM_USERNAME supports the use of executing a command to return the
> username.  So, you can create a bunch of user accounts on your server
> where the username is the hostname of the thin client.  Then, put in the
> [Default] section, LDM_USERNAME="hostname|"  (Note the pipe (|) at the
> end).  This tells it to execute the hostname command on the client and
> use the result for the username.
>   b.  create a common password for all users and set
> LDM_PASSWORD=password  OR  create an ssh key pair, and put the private
> key in /opt/ltsp/i386/root/.ssh/id_dsa  and the public key somehwere on
> the server, say /etc/ssh/id_dsa.pub.  and then, in every user account,
> create a symlink between /home/<user>/.ssh/authorized_keys
> -> /etc/ssh/id_dsa.pub
> 
> NOTE:  autologin is by definition insecure.  Be careful when you use it.
> I just hope this patch his useful to those who do not care about
> security for certain systems.
> 
> -Gadi

Thanks for the extra info Gadi.  I can post this to the users on the edubuntu list as well.

-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]