Secure remote desktop login?
Mike Hoy
mhoy06 at gmail.com
Thu Oct 30 16:40:44 MST 2008
On Thu, Oct 30, 2008 at 4:37 PM, Craig White <craigwhite at azapple.com> wrote:
> On Thu, 2008-10-30 at 16:09 -0700, Alan Dayley wrote:
>> I'm specifying the configuration for secure, remote desktop login on a
>> Linux box. Here are the basic requirements:
>>
>> 1 - User's computers are running Windows XP (or maybe 2000 but not
>> Vista) so the remote desktop client needs to run on Windows XP.
>> 2 - The Linux desktop will be KDE (not that this should matter too much).
>> 3 - At first the remote connection will be over the LAN, not over the
>> Internet (not that this should matter much either).
>> 4 - The connection between the client and the desktop server must be encrypted.
>> 5 - The user must not be allowed to copy files or other data from the
>> desktop server to their computer. The user can only login and use the
>> server desktop.
>> 6 - The user will login using credentials on the desktop server
>> independent of any other authentication mechanism.
>>
>> I think FreeNX (http://freenx.berlios.de/) fits this bill. But I
>> wanted to ask the group about any other options I may not know about.
>> I'm shooting for a FS/OSS solution but am not against paying for it if
>> that is the best thing to do. (Meaning FS/OSS solutions that have pay
>> support are fine.)
>>
>> Any thoughts?
> ----
> freenx - don't look any further.
>
> I don't know what your 'server' is running but RHEL/CentOS has freenx
> server available in CentOS Plus repository, Fedora has it available in
> standard repositories and I would venture that any Debian installation
> would have it packaged and ready to install.
>
> FreeNX does a number of things...
> - encrypted SSL
> - compression for excellent transmissions, even through congested
> network space (i.e., Internet)
> - can possibly use local printers/hard drive (I presume you can disable
> this feature too)
> - supports copy/paste from to/from host
>
> The client is downloaded free from 'nomachine.org'
>
> Nomachine.com also sells their NX Server which is probably better than
> the FreeNX version but to be honest, FreeNX has always given me what I
> need.
>
> I am concerned though that you are thinking that you can give a user a
> shell on a system and prevent them from copying files to/from anywhere.
> I don't think that is a reasonable expectation. I think if your
> expectation is to really put limitations on a user, you should be using
> something like LTSP (http://www.ltsp.org)
>
> Craig
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
Mike Hoy
Saguaro Sports
More information about the PLUG-discuss
mailing list