From: Gideon R. <gi...@sy...> - 2009-03-08 15:56:40
|
Robert, If you use sshfs, then you need the same authentication in 2 places: the server and the client. If the idea of a fat client is to have everything run locally, it may not make sense to have users set up in both locations. Of course, you could easily achieve what you are after with pam_mount in the chroot set up to mount an sshfs mount, but you would still be left with the above question. Then again, I have never seen David's fat client plugin, and I am not sure how authentication is addressed. If you could centralize authentication to the server and not do it on the client at all, then a plugin that mounts /home over sshfs makes much more sense. Of course, as I type, this sounds vary much like what would happen if you set: LOCAL_APPS=True LDM_XSESSION="ltsp-localapps /etc/X11/Xsession" In other words, you simply use the existing local apps infrastructure to launch an entirely local Xsession. Food for thought. -Gadi On Fri, 2009-03-06 at 15:30 -0800, Robert Arkiletian wrote: > Currently there are 2 solutions for diskless fat clients. > > 1) David Van Assche has made a Fat Client script > 2) DRBL http://drbl.sourceforge.net/ > > Both use NFS to mount /home rw. This is not secure. > > Scott Balneaves and others wrote the LDM display manager and LTSPFS to > mount /home for local devices/apps with sshfs. > > Wondering if this code can be modified/used to create an sshfs > authenticated mount of /home/user. BUT ONLY have encyption for the > authentication part. Hence getting rid of the encryption/decryption > overhead for data, just like NFS. > > Basically, the same idea as was employed with LDM authenticating > securely but X being unencrypted (Direct-X) > > I really feel having a secure diskless fat client solution is > important. Is this on the TODO list of any LTSP developers? |