Re: Floppy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 31-08-2004 14:12, Ragnar Wisloff wrote:
| Jonas Smedegaard skrev:
|
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|> On 30-08-2004 20:18, Ragnar Wisloff wrote:
|> | Petter Reinholdtsen skrev:
|> |
|> |> [Hilaire]
|> |>
|> |>
|> |>> There is a ltsp-floppyd package for Skolelinux to help for the set
|> |>> up.
|> |>> Not sure it is included in the cd-rom however, but it is in the
|> |>> Skolelinux apt repository.
|> |>>
|> |>
|> |>
|> |> It is included on the CD, but not installed by default. I believe
|> |> Ragnar have a reason for not installing it by default, but have
|> |> forgotten the arguments.
|> |>
|> |
|> | My arguments are mostly security based.
|> |
|> | There is no way to authenticate users when accessing local devices on
|> | the thin clients using the floppyd method. This means that the
|> floppy is
|> | open for reading and writing by anybody on any machine. By all means,
|> | install the package, but be aware of the security risks involved.
|>
|> Would it make sense with a Kerberos-enabled floppyd, when (or if)
|> Skolelinux switches to using Kerberos?
|
|
| Any method of authentication. I am not at all confident it is a simple
| task to enable that, though. LDAP would probably be a good choice.
Hmmm - not _any_ method, I think: You access an untrusted machine, so
shouldn't feed it your personal password!
Sure, you assume the machine you access is your own workstation, but how
do you know for sure?
|> As I understand Kerberos, the core logic is to authenticate _both_ user
|> and service against a third party (the ticket server). So even services
|> on a thin client should be able to trust if done properly, right?
|
|
| Don't know.
Fair enough. I know only fractions myself.
Andreas - have you become clever on these parts with your poking around
with AFS lately?
|> | In addition, Konqueror's floppy:/ kio is not very reliable.
|>
|> What has that to do with it (I am honestly interested for other reasons:
|> I have recently poked with getting KDE3.3 to work sanely with autofs4,
|> and is curious if there's a better way).
|
|
| It has nothing to do with security. It is a practical consideration. If
| it is known not to work, then I don't think it is wise to use it.
Sorry - I didn't make myself clear: I have poked with getting KDE 3.3
and autofs to work nicely together on a _fat_ machine, not a thin
client, and not using floppyd.
I was curious about maybe needing to configure som KIO stuff somehow. I
failed locating anything useful about floppy configuration at the KDE
website.
Currently I have autofs and /etc/fstab configured to point to same mount
point (to avoid KDE showing one - and one only - mount point for the
device) but could only make autofs mount as root and thus have world
write access to the device :-(
Without autofs KDE automatically attempts to mount the floppy but does
not unmount again.
~ - Jonas
- --
* Jonas Smedegaard - idealist og Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
~ - Enden er nær: http://www.shibumi.org/eoti.htm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBNHSKn7DbMsAkQLgRAhZyAJ9pncLcaYALfeVEFc+uX619SAFcDgCghlNZ
aO846XmR/gs7JloWPlz1VCE=
=L8De
-----END PGP SIGNATURE-----
Reply to:
- Follow-Ups:
- Re: Floppy
- From: Andreas Schuldei <andreas@schuldei.org>
- References:
- Re: Floppy
- From: tice cddp40 <cddp40.tice@ac-bordeaux.fr>
- Re: Floppy
- From: Petter Reinholdtsen <pere@hungry.com>
- Re: Floppy
- From: Ragnar Wisloff <ragnar@skolelinux.no>
- Re: Floppy
- From: Jonas Smedegaard <dr@jones.dk>
- Re: Floppy
- From: Ragnar Wisloff <ragnar@skolelinux.no>