Setting Up Your Own Diskless Workstations with LTSP - page 5
The Whys and Wherefores of LTSP
System administrators, when finished configuring the diskless workstations, need to take care about security. Services used in such networks (NFS, X Window) are rather weak, and they have rather insecure tools for restricted access.
This is why a aystem administrator needs:
- to make DHCP allocates IP addresses with attachments to real MAC addresses of network cards.
- to configure the firewall to allow access to ports 514/udp (syslog), 7100/tcp (font server), 2049/tcp/udp (nfs) for local workstations only.
- to restrict access to xdm.
This last requirement is handled in the /etc/X11/xdm/Xaccess file, where you can define a list of local diskless workstations and allow access only for them by commenting out the lines:
* #any host can get a login window * CHOOSER BROADCAST #any indirect host can get a chooser
and creating a list of actual workstations:
ws001 ws002 %hostlist ws001 ws002 * CHOOSER %hostlist
Sponsored by BlackBerry
BlackBerry® Enterprise Server Express enables businesses of any size to quickly and easily get started with the BlackBerry solution. It provides advanced BlackBerry smartphone features with no additional software or user license fees, and works with any Internet-enabled BlackBerry data plan or a BlackBerry enterprise data plan. Download now!