Re: gdm vs. kdm
- From: "Leslie Rhorer" <lrhorer@xxxxxxxxxxx>
- Date: Sun, 10 Feb 2008 19:14:55 -0600
Because that's not what I said? to reiterate, I stated that most
people don't need XDMCP enabled on their X servers. If you need remote
Most people don't need computers. Most people don't run Linux. Most
people don't speak English, or even have access to a reliable source of
electricity. Most people are not relevant to this discussion. What is
relevant is the means for those who wish to or need to run XDMCP. That
other means of achieving a similar result may or may not be available may or
may not be relevant. Oh, and just by the way, one doesn't enable XDMCP on
the X server. The X server resides on the machine which contacts the remote
machine. XDMCP is a manager to an X Display Manager client, which in this
case resides on a file server and happens to be KDM.
access, that's what G*d invented ssh for.
ssh doesn't provide a Desktop Manager. XDMCP does.
And XDMCP is a potential security risk:
Of course it is! No one in their right mind would be enabling XDMCP
unless either the host itself does not need to be secure, or the network
itself is secure. In this case, it's both.
A foreign as the concept seems to be in the contemporary climate of
paranoia, not everything needs to be secure. In this particular case, every
single data file on this machine needs to be world accessible in the first
place, so any efforts to secure anything on the machne are wasted no matter
what.
Even though your display is protected by cookies, XEvents and
thus keystrokes typed when entering passwords will still go
over the wire in clear text. It is trivial to capture these.
It's only trivial to capture them if someone has physical access to the
network. Since every single user with physical access to this network knows
every password for every user on the machine, it's unlikley they would
bother to sniff the network trying to find the passwords.
And I can do all that under Debian with ssh and *no* XDMCP. Really.
Of course one can, but with multiple Windows machines on the network,
one would be forced to create multiple ssh scripts on multiple machines. An
XDMCP broadcast or query is much simpler.
Honest. Question, if I might? why are you running X on a server?
1. It's the easiest way to manage it from a Windows machine
2. Some of the server's utilities - the RAID array manager and the
Galleon GUI for example - are X utilities. Indeed, once the server is set
up and running, it's fairly unusual for the user to contact the machine
directly except to use the Galleon GUI. The Galleon server and SMB handle
almost all the access to the machine, but the Galleon GUI is used daily.
of my servers run X. That's not to say that X isn't available - it is,
but it isn't turned on by default. It is a waste of CPU cycles.
Not if it isn't active, it isn't.
And kubuntu should be able to do everything you want. It is, afterall,
Debian with a pretty installer and a smaller set of packages.
1. I prefer Debian
2. I'd rather not have any more different versions of OS running around
than necessary. It's bad enough I have to run Windows on some of the
machines and that there are various different embedded Operating Systems on
various pieces of equipment without me throwing two or three different
distros into the mix on a whim. Not all the Linux machines are servers and
not all the servers are Linux machines. Ditto the user workstations.
.
- Prev by Date: Re: gdm vs. kdm
- Next by Date: Mouse dying on me in Ubuntu
- Previous by thread: Re: gdm vs. kdm
- Next by thread: Mouse dying on me in Ubuntu
- Index(es):
Relevant Pages
|
