IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 13 December 2009   (all times are UTC)

00:21Ahmuck-Sr has joined #ltsp
00:25Egyptian[Home] has quit IRC
00:28Egyptian[Home] has joined #ltsp
00:32alkisg has joined #ltsp
00:36Ahmuck-Sr_ has quit IRC
01:01Roel_ has joined #ltsp
01:08Roel__ has quit IRC
03:36Kicer86 has joined #ltsp
04:08ogra has quit IRC
04:23ogra has joined #ltsp
04:30alexqwesa_ has quit IRC
04:45alexqwesa_ has joined #ltsp
05:00alexqwesa_ has quit IRC
05:05alexqwesa has joined #ltsp
05:45pmatulis has joined #ltsp
06:35FGXR6 has joined #ltsp
06:53F-GT has quit IRC
06:53alkisg has quit IRC
06:53alkisg has joined #ltsp
06:54alkisg has quit IRC
08:03pmatulis has quit IRC
08:04alexqwesa has quit IRC
08:14pmatulis has joined #ltsp
08:14Roel__ has joined #ltsp
08:18alexqwesa has joined #ltsp
08:32Roel_ has quit IRC
08:32Roel___ has joined #ltsp
08:36alkisg has joined #ltsp
08:50Roel__ has quit IRC
08:57alexqwesa has quit IRC
09:03alexqwesa has joined #ltsp
09:09
<jhutchins_lt>
Goodness, the Ahmucks are here.
09:10
My LTSP session does not have the "Switch User" option in the menu. Is there an easy way to fix that?
09:11
<alkisg>
User switching from inside an LTSP session isn't supported afaik.
09:13
<sbalneav>
yeah, user switching only works locally, not remotely.
09:23
<alkisg>
Has anyone used samba as a PDC?
09:24
<jhutchins_lt>
alkisg: So it's not possible to start a second GUI session?
09:25
alkisg: Yes on Samba.
09:25
<sbalneav>
jhutchins_lt: No, not on LTSP.
09:25
<alkisg>
jhutchins_lt: no, unless you start multiple LDMs on different SCREENs (not sure if that's possible also)
09:25
<sbalneav>
We don't have the necessary dbus integration and/or bits to start a second session.
09:25
alkisg: yes, it is.
09:25
<alkisg>
jhutchins_lt: how do you make clients join the samba PDC? You install winbind on them?
09:26
<sbalneav>
ldm does support multple screens.
09:26
<jhutchins_lt>
net join <workgroup>
09:26
On the client.
09:26
alkisg: I'm not clear on whether you still need to create a machine account first, I think it will prompt for a root password and create one.
09:26
(Root for the SMB server)
09:27
<alkisg>
Thanks, ugh, gotta go, bbl.
09:31alkisg has quit IRC
09:34alkisg has joined #ltsp
10:25
<alexqwesa>
one my pxe-client can't start kernel(after kernel upgrade), it load linux-ltsp and initrd-ltsp - and have a black screen
10:26
how can i see kernel log on ltsp-client?
10:26
(and on other ltsp-client - all work)
10:30
<johnny>
remove the quiet and splash args from /var/lib/tftpboot/ltsp/i386/pxelinux.cfg/default
10:32Egyptian[Home] has quit IRC
10:34
<alexqwesa>
johnny: already do it, but not help - i see only black screen
10:34
<johnny>
are you sure you removed them?
10:37
<alexqwesa>
yes
10:37
append initrd=boot/initrd-ltsp vga=791 NBDROOT="192.168.0.1;2001"
10:40
<alkisg>
alexqwesa: NBDROOT? what's what distro/version are you using?
10:41
<johnny>
it should be lowercase..
10:41
if you are using it
10:41
pretty sure it is case sensitive
10:41
and remove the vga line
10:41
<alkisg>
And also have : instead of ;
10:41
And maybe not have "
10:41
<johnny>
i think you're trying too hard.. set it back to normal
10:41
<alkisg>
And also not have initrd=boot/initrd-ltsp :P :D
10:43
jhutchins_lt: I'm trying to see if I use a samba PDC *instead* of using LDAP (i.e. have centralized user accounts on the server)... Is that possible? Would I need winbind on the clients for that?
10:44
<alexqwesa>
this line work before last update...., i use opnesuse11.2
10:45
<alkisg>
alexqwesa: try asking in #kiwi-ltsp (or something like that), kiwi is different that other tools than people here know about...
10:45
<jhutchins_lt>
alkisg: I've used it in single domain controller setups. I believe multiple controllers requires LDAP.
10:45
<alexqwesa>
and work on other ltsp-clent
10:46
ok
10:46
<jhutchins_lt>
alkisg: However, you can have a single server manage all loginsl, and you can tell other servers that it is the login server.
10:46
<alkisg>
jhutchins_lt: I want a single domain controller (= just a linux server), and only have domain clients connecting to it
10:46
<jhutchins_lt>
alkisg: I'm not clear that you can use this to manage linux logins though.
10:46
<alkisg>
jhutchins_lt: ah, you used it with windows clients?
10:47
<jhutchins_lt>
alkisg: Yes, that works fine (as long as they're Windows clients).
10:47
Winbind may make it possible to use it to controll linux access.
10:47
<alkisg>
jhutchins_lt: thanks, I'll try with a windows client first. Do I need to set a password for the root user?
10:48
(in Ubuntu the root user doesn't have a password by default)
10:48
(for the join command)
10:48
<jhutchins_lt>
alkisg: I would say yes. You can probably configure a user with appropriate privilages, but it's easiest to just use root.
10:48
alkisg: #samba
10:48
<alkisg>
jhutchins_lt: thanks man. I got more help here in a few minutes than all day at #samba :)
10:49
<jhutchins_lt>
alkisg: My problem is I picked up most of my samba knowledge ten years ago, and things have changed a bit.
10:49
NP.
11:26Cris1 has joined #ltsp
11:37
<pmatulis>
do people actually install openssh-server to client chroot? this yields identical host keys for all clients
11:40scottmaccal has joined #ltsp
11:57
<jhutchins_lt>
pmatulis: Depends on the deployment. Many ltsp environments are inherently secure.
11:59
<pmatulis>
jhutchins_lt: inherently secure, how so?
11:59
<jhutchins_lt>
pmatulis: Restricted with known users who lack any motivation to hack the system. My home, for instance.
12:00
Lack of external access/security threats.
12:02
<pmatulis>
jhutchins_lt: ok, home use then
12:03
<jhutchins_lt>
pmatulis: There are some "public" environments where it's similarly safe - for instance, no reward for hacking the system.
12:06
<alkisg>
pmatulis: on which scenario is that more insecure than having different host keys per thin client?
12:10
<pmatulis>
alkisg: the same reason why people do not use identical keys on all hosts they manage, it undermines host identification
12:14
<alkisg>
I don't get it. The clients usually have dynamic IPs and random hostnames, so how would they be identified?
12:16
<johnny>
how does it yield identical keys?
12:16
the keys are regenerated on every boot aren't they?
12:16
maybe that's just gentoo...
12:16
ah.. yes
12:16
because ubuntu starts openssh-server by default, but gentoo starts nos ervers by default
12:17
oh.. wait.. on debian at least they disable daemon starting
12:17
probably on ubuntu too.. so the keys can't be the same
12:17
in fact.. they are different eveyr boot..
12:17
pmatulis, ?
12:17
<alkisg>
johnny: the host keys are regenerated every time openssh is restarted? !!
12:17
<johnny>
on a client..
12:18
obviously..
12:18
<alkisg>
The host keys?
12:18
<johnny>
yes
12:18
it must.. there's no wherever to keep it persistant
12:18
<alkisg>
johnny: /etc/ssh/ssh_host_rsa_key ?
12:18
<johnny>
uhmM??? how could it be persistant?
12:18
can you tell me?
12:19
if you're using aufs on nbd..
12:19
<alkisg>
chroot, install openssh, => the key is created and stays the same forever
12:19
<johnny>
oh!.. you're supposed to do that EXPORT DAEMON thing..
12:19
whatever they do in the plugin
12:19
<alkisg>
So? Still, the key will be the same
12:19
<johnny>
it wouldn't then
12:19
because it wouldn't start the service
12:20
that's why i got confused :(
12:20
<alkisg>
The export daemon is to prevent the server ssh from restarting, it doesn't have anything to do with the keys...
12:20
The keys are generated on installation
12:20
<johnny>
oh.. not on starting?
12:20
<pmatulis>
alkisg: i wouldn't use the term 'usually' to define my security policies
12:20
<johnny>
ah.. ubuntu is weird then
12:20
<alkisg>
johnny: I think all distros would work like that
12:20
<johnny>
on gentoo the keys aren't generated until the service is started
12:21
so every client boot yields a different key
12:21
<alkisg>
johnny: how can you trust a server that's changing keys
12:21
?
12:21
<johnny>
client keys..
12:21
not server keys..
12:21
obviously you can't trust the client keys..
12:21
<alkisg>
We're talking about openssh SERVER
12:21
<johnny>
openssh server on the client..
12:21
<alkisg>
Right, it's still a server
12:21
<johnny>
yes.. the keys aren't generated by default on gentoo .. you either generate them yourself.. or when the service starts
12:22
so .. by default the keys change every boot
12:22
on a client..
12:22
<alkisg>
pmatulis: ok, "by default" the clients have dynamic IPs in Ubuntu.
12:22
not "usually"
12:22
<johnny>
sorry for the confusion.. didn't realize the install actuallygenerated the keys..
12:22
not the starting
12:23
<alkisg>
Ok, gotcha :)
12:24
johnny: not that that would give you any more security; you'd see just a "random" key each time you tried to connect to a client
12:28
<johnny>
definitely not..
12:31alexqwesa_ has joined #ltsp
12:32Egyptian[Home] has joined #ltsp
12:34johnny has left #ltsp
12:36scottmaccal has quit IRC
12:37johnny has joined #ltsp
12:44alexqwesa has quit IRC
13:14alexqwesa_ has quit IRC
13:14alexqwesa_ has joined #ltsp
13:24bobby_C has joined #ltsp
13:27alexqwesa_ has quit IRC
13:32johnny has left #ltsp
13:32alexqwesa_ has joined #ltsp
13:40johnny has joined #ltsp
14:04jhutchins has quit IRC
14:05jhutchins has joined #ltsp
14:11alexqwesa_ has quit IRC
14:18Kicer86 has quit IRC
14:24alexqwesa_ has joined #ltsp
14:53prpplague is now known as prpplague_afk
15:01alexqwesa_ has quit IRC
15:04
<dmarkey_>
has anyone used the spice protocol yet?
15:07
<alkisg>
Is that something like nx, but mostly targeted to VMs?
15:08
<dmarkey_>
yep
15:08
i uses a special graphics driver in the guest
15:08
<Appiah>
just got open sourced
15:08
<alkisg>
And the clients would be standalone desktops? Or they'd netboot?
15:09
<Appiah>
dont think anyone made anything for ltsp with that
15:09
<dmarkey_>
alkisg: both
15:10
<alkisg>
And the graphics driver would work only with X? Or is it OS independed?
15:10
<dmarkey_>
alkisg: i think there's a linux and windows driver
15:10
<alkisg>
Ah, saw it, yes, both
15:11alexqwesa_ has joined #ltsp
15:11
<dmarkey_>
its looks impressive
15:11
<alkisg>
Well I'd like to see youtube etc on it before judging :)
15:13
<Appiah>
I thought SPICE was for virtualization/VDI and that stuff
15:13
<dmarkey_>
http://www.youtube.com/watch?v=S4DZwYqnyJM
15:13
it is
15:15
<alkisg>
Looks good :)
15:17
<dmarkey_>
but it does mean a VM for each user, different to the std ltsp model
15:21
<alkisg>
And it also would need powerful clients... but if it's fast, I bet people will use it
15:24
http://media.brianmadden.com/qumranetvids/blogplayerstatic.asp
15:43alkisg has quit IRC
15:46Wastrel_ has quit IRC
15:46elias_a has quit IRC
15:46NeonLicht has quit IRC
15:46lupine_85 has quit IRC
15:46zamba has quit IRC
15:47lupine_85 has joined #ltsp
15:49Wastrel_ has joined #ltsp
15:49zamba has joined #ltsp
15:49elias_a has joined #ltsp
15:49NeonLicht has joined #LTSP
15:53elias_a has quit IRC
15:53elias_a has joined #ltsp
15:53elias_a_ has joined #ltsp
15:53elias_a has quit IRC
16:15alexqwesa_ has quit IRC
16:23alexqwesa_ has joined #ltsp
16:42Lumiere has quit IRC
16:44Lumiere has joined #ltsp
17:02alexqwesa_ has quit IRC
17:17Lumiere has quit IRC
17:18alexqwesa_ has joined #ltsp
17:23johnny has left #ltsp
17:28squarepeg_ has joined #ltsp
17:38Sarten-X has quit IRC
17:39Sarten-X has joined #ltsp
17:48bobby_C has quit IRC
18:18pmatulis has quit IRC
18:24Egyptian[Home] has quit IRC
18:25Egyptian[Home] has joined #ltsp
18:30pmatulis has joined #ltsp
18:34squarepeg_ has quit IRC
18:42alexqwesa_ has quit IRC
19:00try2free has joined #ltsp
19:04try2free has left #ltsp
19:18alexqwesa_ has joined #ltsp
19:39Ahmuck-Sr has quit IRC
19:40Lumiere has joined #ltsp
19:43ehrenpr has joined #LTSP
20:19ehrenpr has quit IRC
20:34Cris1 has quit IRC
20:50pmatulis has quit IRC
21:45johnny has joined #ltsp
21:55vicd has joined #ltsp
22:09Sarten-X has quit IRC
22:10Sarten-X has joined #ltsp
22:53alkisg has joined #ltsp
22:55ccbarr has joined #ltsp
22:57alexqwesa_ has quit IRC
23:05alexqwesa_ has joined #ltsp
23:43alkisg has quit IRC