From: Diego T. <dt...@co...> - 2003-08-29 17:08:18
|
i've been playing with ltsp for a couple of days and liked too much the idea of booting from any network card. This means (for example) that why could get rid of a compactflash adapter (on a small router box) so it could be made even smaller (no mechanical parts, less power consumtion etc...) So, the question is... has someone think about making dl interact with ltsp, or at least, to boot from network instead of cd? There are only a few kernel modifications needed (ip autoconfiguration on startup and nfs client support), and a few scripts that need to be redone (more or less the dhcp-client side stuff)... And some good news, ltsp is going to release version 4, which has separate (and clearly differenciate) modules, one for the nfs/boot system, other for the basic soft, other for the x subsystem... Surely i'll buy an epiaM6000CL on this month and will start testing. (epia site: www.viapsd.com, www.mini-itx.com) comments, suggestions, ideas, flames? :) -- -- gnupg keyfingerprint -- 48AF 5BF9 8F54 2966 64CC 2327 7CD0 DD91 B09D 5799 -- Use of a keyboard or mouse may be linked to serious injuries or disorders. Diego Torres - dt...@co... - Madrid / España |
From: Bruce S. <bw...@ar...> - 2003-08-29 17:52:43
|
> i've been playing with ltsp for a couple of days and liked too much > the idea of booting from any network card. Yes, LTSP is a nice package for making older PC's into thin-client / X-terminal boxes! > This means (for example) that why could get rid of a compactflash > adapter (on a small router box) so it could be made even smaller (no > mechanical parts, less power consumtion etc...) > > So, the question is... has someone think about making dl interact with > ltsp, or at least, to boot from network instead of cd? You're also taking about getting rid of the CD drive, along with the USB/floppy device that holds the config? If you're not going to get rid of the CD drive, then it doesn't gain much over my idea to provide a default configuration right on the CD. (see thread from earlier this week) > And some good news, ltsp is going to release version 4, which has > separate (and clearly differenciate) modules, one for the nfs/boot > system, other for the basic soft, other for the x subsystem... > > Surely i'll buy an epiaM6000CL on this month and will start testing. > (epia site: www.viapsd.com, www.mini-itx.com) www.viapsd.com doesn't resolve for me. :-( > comments, suggestions, ideas, flames? :) I see a couple major downsides, for which I (personally) would NOT run DL over a network. My DL firewall/router would become totally dependent on a separate file server. If the file server went down, so would my DL firewall/router. And there are the security issues. Typically a lot of people have access to a file server (probably a lot more people than have login access to the DL firewall). And the file server is running a lot more services than the DL box. This makes the file server easier to crack than DL. If the file server is compromised, then the attacker would then have the ability to modify the DL firewall configuration. Plus the NFS protocol is very insecure itself. Too scary for me! :-) - BS |
From: Diego T. <dt...@co...> - 2003-08-29 19:36:46
|
On Fri, Aug 29, 2003 at 01:52:41PM -0400, Bruce Smith wrote: > > So, the question is... has someone think about making dl interact with > > ltsp, or at least, to boot from network instead of cd? > > You're also taking about getting rid of the CD drive, along with the > USB/floppy device that holds the config? of course :) > If you're not going to get rid of the CD drive, then it doesn't gain > much over my idea to provide a default configuration right on the CD. > (see thread from earlier this week) i like the idea of having a default config on the cd, but only if its loaded after trying the floppy drive. > > Surely i'll buy an epiaM6000CL on this month and will start testing. > > (epia site: www.viapsd.com, www.mini-itx.com) > > www.viapsd.com doesn't resolve for me. :-( from www.mini-itx.com there are some links to the via site... let me check... http://www.viamainboard.com/product/epia_m_spec.jsp?motherboardId=81 http://www.viaarena.com/?PageID=187 > > comments, suggestions, ideas, flames? :) > > I see a couple major downsides, for which I (personally) would NOT run > DL over a network. > > My DL firewall/router would become totally dependent on a separate file > server. If the file server went down, so would my DL firewall/router. thats true. on the other hand, you won't rely on a cd drive/cd disk, neither on a floppy full of dust :) (btw, i usually connect the main server and the dl firewall to the same UPS) > And there are the security issues. Typically a lot of people have > access to a file server (probably a lot more people than have login > access to the DL firewall). And the file server is running a lot more > services than the DL box. This makes the file server easier to crack > than DL. If the file server is compromised, then the attacker would > then have the ability to modify the DL firewall configuration. Plus the > NFS protocol is very insecure itself. Too scary for me! :-) i don't like thinking that my file server is easy to crack, but yes, thats a point for you :) -- -- gnupg keyfingerprint -- 48AF 5BF9 8F54 2966 64CC 2327 7CD0 DD91 B09D 5799 -- Use of a keyboard or mouse may be linked to serious injuries or disorders. Diego Torres - dt...@co... - Madrid / España |
From: Bruce S. <bw...@ar...> - 2003-08-29 20:08:57
|
> > If you're not going to get rid of the CD drive, then it doesn't gain > > much over my idea to provide a default configuration right on the CD. > > (see thread from earlier this week) > > i like the idea of having a default config on the cd, but only if its > loaded after trying the floppy drive. After looking at the boot script, that's easiest way to code it. So, it will search floppy and USB before looking on the CD for a custom config. > > > Surely i'll buy an epiaM6000CL on this month and will start testing. > > > (epia site: www.viapsd.com, www.mini-itx.com) > > > > www.viapsd.com doesn't resolve for me. :-( > > from www.mini-itx.com there are some links to the via site... let me check... > > http://www.viamainboard.com/product/epia_m_spec.jsp?motherboardId=81 > > http://www.viaarena.com/?PageID=187 Very cool! > > My DL firewall/router would become totally dependent on a separate file > > server. If the file server went down, so would my DL firewall/router. > > thats true. on the other hand, you won't rely on a cd drive/cd disk, > neither on a floppy full of dust :) > (btw, i usually connect the main server and the dl firewall to the same UPS) I mainly like the idea of being able to take down or reboot my file servers without downing the internet connection too. That may not be an issue for you, or other people. At one time Heiko talked about moving the entire DL distro to a USB memory stick. That way DL would be entirely self contained on a PC with no moving parts (and more dependable than a CD/floppy setup). I haven't heard anything about it lately. What's the status of that idea? > > And there are the security issues. Typically a lot of people have > > access to a file server (probably a lot more people than have login > > access to the DL firewall). And the file server is running a lot more > > services than the DL box. This makes the file server easier to crack > > than DL. If the file server is compromised, then the attacker would > > then have the ability to modify the DL firewall configuration. Plus the > > NFS protocol is very insecure itself. Too scary for me! :-) > > i don't like thinking that my file server is easy to crack, but yes, > thats a point for you :) It boils down to how much you trust your local [file server] users. I'm sure that varies from place to place. I trust the users on my home network (my wife and myself) more than I trust my users at work. :-) - BS |
From: Heiko Z. <he...@zu...> - 2003-09-02 01:00:17
|
Bruce Smith wrote: >>>My DL firewall/router would become totally dependent on a separate file >>>server. If the file server went down, so would my DL firewall/router. >> >>thats true. on the other hand, you won't rely on a cd drive/cd disk, >>neither on a floppy full of dust :) >>(btw, i usually connect the main server and the dl firewall to the same UPS) > > > I mainly like the idea of being able to take down or reboot my file > servers without downing the internet connection too. That may not be > an issue for you, or other people. > > At one time Heiko talked about moving the entire DL distro to a USB > memory stick. That way DL would be entirely self contained on a PC with > no moving parts (and more dependable than a CD/floppy setup). I haven't > heard anything about it lately. What's the status of that idea? Still existing, I just didn't have time to fully implement it. Many of my latest changes to the system are made to support this functionality. Heiko |