On Thu, 2008-10-30 at 16:09 -0700, Alan Dayley wrote: > I'm specifying the configuration for secure, remote desktop login on a > Linux box. Here are the basic requirements: > > 1 - User's computers are running Windows XP (or maybe 2000 but not > Vista) so the remote desktop client needs to run on Windows XP. > 2 - The Linux desktop will be KDE (not that this should matter too much). > 3 - At first the remote connection will be over the LAN, not over the > Internet (not that this should matter much either). > 4 - The connection between the client and the desktop server must be encrypted. > 5 - The user must not be allowed to copy files or other data from the > desktop server to their computer. The user can only login and use the > server desktop. > 6 - The user will login using credentials on the desktop server > independent of any other authentication mechanism. > > I think FreeNX (http://freenx.berlios.de/) fits this bill. But I > wanted to ask the group about any other options I may not know about. > I'm shooting for a FS/OSS solution but am not against paying for it if > that is the best thing to do. (Meaning FS/OSS solutions that have pay > support are fine.) > > Any thoughts? ---- freenx - don't look any further. I don't know what your 'server' is running but RHEL/CentOS has freenx server available in CentOS Plus repository, Fedora has it available in standard repositories and I would venture that any Debian installation would have it packaged and ready to install. FreeNX does a number of things... - encrypted SSL - compression for excellent transmissions, even through congested network space (i.e., Internet) - can possibly use local printers/hard drive (I presume you can disable this feature too) - supports copy/paste from to/from host The client is downloaded free from 'nomachine.org' Nomachine.com also sells their NX Server which is probably better than the FreeNX version but to be honest, FreeNX has always given me what I need. I am concerned though that you are thinking that you can give a user a shell on a system and prevent them from copying files to/from anywhere. I don't think that is a reasonable expectation. I think if your expectation is to really put limitations on a user, you should be using something like LTSP (http://www.ltsp.org) Craig --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss