Re: RFC/Discuss: Replace KDE by LXDE on LTSP?

To: debian-edu@lists.debian.org
Subject: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
From: Jonas Smedegaard <dr@jones.dk>
Date: Thu, 30 Apr 2009 16:12:03 +0200
Message-id: <[🔎] 20090430141203.GE1838@jones.dk>
Reply-to: debian-edu@lists.debian.org
In-reply-to: <[🔎] 20090430123621.GA6235@ryukin.fglan>
References: <[🔎] 200904231958.48907.rgx@gmx.de> <[🔎] 200904290127.24365.knuty@skolelinux.no> <[🔎] 20090430123621.GA6235@ryukin.fglan>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Apr 30, 2009 at 05:36:21AM -0700, Vagrant Cascadian wrote:
>On Wed, Apr 29, 2009 at 01:27:22AM +0200, Knut Yrvin wrote:
>> Skolelinux 3.0 is running LDM as a login manager on thin clients with 
>> LTSP. This is slower than KDM.
>> 
>> You can replace LDM with KDM, and speed things up a little.
>
>do you still see a speed improvement using KDM vs. LDM with 
>LDM_DIRECTX=True ? this feature still uses ssh for the initial 
>connection (i.e. namely, the password negotiation), but plain X11 
>protocol for the rest of the session, and still should work with most 
>of the other features of LDM (local devices, sound, and in newer 
>versions, local applications).
>
>> But you'll miss the secure ssh tunnel which has some security 
>> benefits clients connected to a network hub.  When running a switch, 
>> package sniffing is not as easy.
>
>as i understand it, it is actually trivial to packet sniff on switches, 
>and provides no real security benefit. all you have to do is enable 
>promiscuous mode on your ethernet device, no?

In april 2003 we discussed this exact thing on the norwegian list, with 
Herman Robak providing most details: 
https://init.linpro.no/pipermail/skolelinux.no/linuxiskolen/2003-April/009945.html

Back then Knut claimed that I blew it out of proportions when insisting 
that LTSP 3.0 (i.e. no SSH) is insecure.  Very much usable but insecure.

Before this thread grows too much, I suggest that the scandinavians 
among us reread that old thread, and perhaps provide an english summary.


I am baffled that Knut still consider switches a security measure now 6 
years later.



  - Jonas

- -- 
* Jonas Smedegaard - idealist og Internet-arkitekt
* Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkn5sbIACgkQn7DbMsAkQLhaGwCfYDk9aeJxXBQrWjhoLEoBE1vF
sB8An3IKDobI/zi5M8XJ3G1TKWNbYr6f
=8+5Z
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Knut Yrvin <knut.yrvin@nokia.com>

References:
- RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: RalfGesellensetter <rgx@gmx.de>
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Knut Yrvin <knuty@skolelinux.no>
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Vagrant Cascadian <vagrant@freegeek.org>

Prev by Date: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Next by Date: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Previous by thread: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Next by thread: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Index(es):
- Date
- Thread