XDMCP over VPN

R. Wood rw at ncf.ca
Thu Oct 8 01:47:51 UTC 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Allegedly, on Wed, Oct 07, 2009 at 02:45:04PM -0400, Darryl Moore stated:
> R. Wood wrote:
> > Allegedly, on Wed, Oct 07, 2009 at 10:19:50AM -0400, Darryl Moore stated:
> > > Hi all, this list is being pretty quiet these days so I think I'll
> > > liven it up with a question or two and see if there are any
> > > takers.
> > > 
> > > I've set up OpenVPN using a tun device interface so that the
> > > remote system is on a different subnet. Works well, but of course
> > > it is difficult to give complete access to the entire network, and
> > > all machines on the network need to have to have their routing
> > > tables adjusted to direct packets to vpn client via the vpn
> > > server. I've been able to do that with the DHCP server, but of
> > > course some other devices like some printers and  consumer grade
> > > routers do not have the ability to add routing information.
> > > Problem!
> > > 
> > > The other option for me is to use a tap interface which of course
> > > gives complete network access as it will route ethernet level
> > > packets as well as IP. Another option I thought about was to have
> > > another computer on the network with remote XDMCP logins enabled
> > > (and only accepted from VPN clients). This way I could keep the
> > > remote user behind a firewall but allow them complete access via a
> > > local machine which they can log on to with their regular user
> > > name and password.
> > > 
> > > Does any one have any thoughts on this arrangement? And the big
> > > question is. How the %$$#@% do I get a login window on the client
> > > without first having to logout. Once upon a time there was an
> > > option for "new login" which started another X session. Then I had
> > > the option of choosing the user name as well as selecting an XDMCP
> > > session. Not any more.
> > > 
> > > cheers,
> > > darryl
> > 
> > Hi Darryl,
> > 
> > I confress I've only given your email above a quick read, which does
> > not do it justice, but I thought I would just throw this into the
> > mix -- have you heard of 'freenx', and does it apply at all to what
> > you're trying to accomplish?
> > 
> > TTYL,
> > Raymond
> 
> Hey that's brilliant! I don't think I'd heard of freenx before. I'll
> definitely look into this as a possible solution.
> 
> Thanks,
> darryl

Check out the 'deb' installation files on the freenx download web page
(the 'free' ones).  Installation should be a snap; configuration can
sometimes be finicky.  For instance I've found it necessary with my
setup to include 'AllowUser' additions for 'nx' in /etc/ssh/sshd_config
YMMV.

Let us know how it goes...

Have Fun with GNU/Linux,
Raymond
- -- 
"Be Nice, or Leave - By Order of the Management"
(Sign above door, Black Sheep Inn, Wakefield)
GPG Fingerprint: 2E4D 8605 DD48 E80F F893  1C02 B65D 86D9 3B3C 0E03
Encrypted E-mail Preferred
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKzUTHtl2G2Ts8DgMRAkxlAJ9N6WRmCMgOGfDHN8gk+7jnNthw6wCgxxsA
uD1ud21RWntcvYUledEWQSE=
=02EY
-----END PGP SIGNATURE-----

More information about the ubuntu-ca mailing list