tags:

views:

231

answers:

2
Q: 

Are there any secure alternatives to XDMCP?

The title says it all: Are there any secure alternatives to XDMCP (A Linux remote desktop protocol)?

I'd like to set up some thin clients -- UI heads (old computer + mouse + keyboard) connected to VMs on a fast server. ssh -Y doesn't quite cut it, since this would be for non-savvy computer users. I'd like it integrated with kdm/gdm if possible (this seems to rule out Nomachine NX, and I don't like closed source).

I am on a private network, so I guess I'll probably end up going with XDMCP, but it would seem kinda sorry if there aren't any secure open-source alternatives.

A: 

Why not use ssh -X ? You could auto-logon locally with a general user and then autorun a script displaying a form for entering user/passwd which connects to a session using ssh -X...

Atmocreations  2009-10-28 09:11:04
That's a very ad-hoc solution. It's easy to manipulate (simply editing the startup script for the guest user, and make it log passwords), and undoubtedly confusing when things don't work right.Also, I think you really want to use ssh -Y; iirc ssh -X only forwards X11, not tunnels it.
gatoatigrado  2009-10-28 18:44:53
Well I guess it's not easy to manipulate the startup script as the user has read-only access on it. But yes you're right, ssh -X only forwards X11. Didn't know it needs to be tunneled.
Atmocreations  2009-10-30 20:27:47
+1  A: 

This seems like a question for serverfault, but couldn't you just setup a VPN between the client computer and the server? That way, all traffic will be encrypted between the two machines.

Dan  2009-12-05 05:02:53
sounds good, I'm wondering why I didn't think of that... will take a look at strongswan (unless you know something better)?
gatoatigrado  2009-12-05 14:12:24
I've always used OpenVPN, but it falls in the "it's what I know" category more than the "it's better than xyz" category
Dan  2009-12-09 03:09:09

related questions

grep a file, but show several surrounding lines?
VMWare Server Under Linux Secondary NIC connection
Should I move from C++ to Python? ... Or another language?
Globus Toolkit virtual machine
How to avoid redefining VERSION, PACKAGE, etc.
How do I setup Public-Key Authentication?
showing a message box from a bash script in linux
Best Linux Distro for Computer Repair
Mapping my custom keys in Debian
Any IcedTea war stories?
How do you find the age of a long-running Linux process?
Personal Linux web server
Programmatically talking to a Serial Port in OS X or Linux
what's in your .bashrc ?
Linux - files and scripts that execute on boot
Text Editor For Linux (Besides Vi)?
Lightweight IDE for Linux
Shell scripting input redirection oddities
XML Editing/Viewing Software
What should a longtime Windows user know when starting to use Linux?
Gtk SSH client for Linux?
Getting root permissions on a file inside of vi?
Is it possible to drag windows between workspaces when using Compiz?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?