IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 8 May 2019   (all times are UTC)

00:02vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
00:18GodFather has left IRC (GodFather!~rcc@143.59.184.72, Ping timeout: 246 seconds)
01:32nehemiah has joined IRC (nehemiah!~nehemiah@156.19.21.242)
02:57jgee4 has left IRC (jgee4!~jgee@190.159.118.121, Ping timeout: 248 seconds)
03:01jgee4 has joined IRC (jgee4!~jgee@190.159.118.121)
03:07jgee4 has left IRC (jgee4!~jgee@190.159.118.121, Ping timeout: 252 seconds)
03:11jgee4 has joined IRC (jgee4!~jgee@190.159.118.121)
03:15jgee4 has left IRC (jgee4!~jgee@190.159.118.121, Ping timeout: 252 seconds)
03:19jgee4 has joined IRC (jgee4!~jgee@190.159.118.121)
03:28jgee4 has left IRC (jgee4!~jgee@190.159.118.121, Ping timeout: 252 seconds)
04:11nehemiah has left IRC (nehemiah!~nehemiah@156.19.21.242, Ping timeout: 258 seconds)
04:25jgee4 has joined IRC (jgee4!~jgee@190.159.118.121)
04:27vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
04:32jgee4 has left IRC (jgee4!~jgee@190.159.118.121, Ping timeout: 252 seconds)
04:32nehemiah has joined IRC (nehemiah!~nehemiah@156.19.21.242)
04:34jgee4 has joined IRC (jgee4!~jgee@190.159.118.121)
04:41adrianorg has left IRC (adrianorg!~adrianorg@189.58.180.113.dynamic.adsl.gvt.net.br, Ping timeout: 252 seconds)
05:12adrianorg has joined IRC (adrianorg!~adrianorg@189.58.180.113.dynamic.adsl.gvt.net.br)
05:22woernie has joined IRC (woernie!~werner@p5B296A22.dip0.t-ipconnect.de)
05:34pppingme has left IRC (pppingme!~pppingme@unaffiliated/pppingme, Ping timeout: 250 seconds)
05:38vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
05:43ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
05:48woernie has left IRC (woernie!~werner@p5B296A22.dip0.t-ipconnect.de, Remote host closed the connection)
06:17SYS64738 has joined IRC (SYS64738!~jhonny5@159.213.93.166)
06:20kjackal has joined IRC (kjackal!~quassel@2a02:587:3217:3b00:75de:36cf:bd8d:9150)
06:30kjackal has left IRC (kjackal!~quassel@2a02:587:3217:3b00:75de:36cf:bd8d:9150, Remote host closed the connection)
06:30kjackal has joined IRC (kjackal!~quassel@2a02:587:3217:3b00:75de:36cf:bd8d:9150)
06:33pppingme has joined IRC (pppingme!~pppingme@unaffiliated/pppingme)
06:38kjackal_v2 has joined IRC (kjackal_v2!~quassel@2a02:587:3204:1600:75de:36cf:bd8d:9150)
06:39kjackal has left IRC (kjackal!~quassel@2a02:587:3217:3b00:75de:36cf:bd8d:9150, Ping timeout: 258 seconds)
06:45kjackal_v2 has left IRC (kjackal_v2!~quassel@2a02:587:3204:1600:75de:36cf:bd8d:9150, Ping timeout: 258 seconds)
07:45woernie has joined IRC (woernie!~werner@p578bb7b6.dip0.t-ipconnect.de)
08:49statler has joined IRC (statler!~Georg@gwrz.lohn24.de)
10:31kjackal has joined IRC (kjackal!~quassel@2a02:587:311c:9d00:9d15:78a8:d703:6a71)
10:43GodFather has joined IRC (GodFather!~rcc@96-92-43-9-static.hfc.comcastbusiness.net)
10:53ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Remote host closed the connection)
11:56ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
12:01Faith has joined IRC (Faith!~Paty_@unaffiliated/faith)
12:11mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Quit: Leaving)
12:21mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
12:29mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Quit: Leaving)
12:34mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
12:55woernie has left IRC (woernie!~werner@p578bb7b6.dip0.t-ipconnect.de, Remote host closed the connection)
12:58mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Remote host closed the connection)
13:09mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
13:26copycat has joined IRC (copycat!bb953f00@gateway/web/freenode/ip.187.149.63.0)
13:27
<copycat>
hi good morning i have a question how can i make cups start on ltsp clients
13:27
cups wont start
13:28
<alkisg>
copycat: cups usually runs, but the cups on the server is used
13:28
What's your goal? E.g. to share a printer on the client? From the server? Which one?
13:29
Also, is it a thin or a fat client?
13:30
Anyway, time to go, read these...
13:30
!printer
13:30
<ltsp>
printer: Quick how-to: RCFILE_01="/usr/sbin/jetpipe /dev/usb/lp0 9100 &" in lts.conf, reboot client, then go to server's add printer dialog, and specify network printer → jetdirect → ltsp123.local
13:30
<copycat>
i want to use and share a printer and is a fat client
13:30
<alkisg>
!print
13:30
<ltsp>
I do not know about 'print', but I do know about these similar topics: 'fatclient-printers', 'printer'
13:30
<alkisg>
!fatclient-printers
13:30
<ltsp>
fatclient-printers: You can publish printers on your network so that fat clients see them, by launching "system-config-printer" and selecting Server → Settings → Publish shared printers connected to this system
13:31
<copycat>
thnks
13:31
<alkisg>
I.e. the printer will be served by the server, so that it's easier to install drivers etc
13:32
np; later...
14:01GodFather has left IRC (GodFather!~rcc@96-92-43-9-static.hfc.comcastbusiness.net, Ping timeout: 246 seconds)
14:21copycat has left IRC (copycat!bb953f00@gateway/web/freenode/ip.187.149.63.0, Ping timeout: 256 seconds)
14:42kjackal has left IRC (kjackal!~quassel@2a02:587:311c:9d00:9d15:78a8:d703:6a71, Remote host closed the connection)
14:46danboid has joined IRC (danboid!~ISDADS\sg@146.87.65.50)
14:47
<danboid>
I should be able to disable SSH password logins to our LTSP server yet still allow people to login to LTSP client machines with a password right?
14:47
<mwalters>
my understanding is that LDM uses SSH to authenticate user logins
14:48
There might be a way to prevent "regular" SSH logins, but it's not immediately obvious to me
14:48
<danboid>
Oh right. I wasn't sure how the two interoperated
14:55
So, I'm not sure what the optimum ssh config is then
14:55
I think what I want to do is use
14:55
<mwalters>
awhat's your goal?
14:56
<danboid>
Match Address 146.87.0.0/16
14:56
PasswordAuthentication yes
14:56
So that people on the LAN can login with a password
14:56
<mwalters>
It should work that way "out of the box" on most distros
14:56
<danboid>
but what do I set UsePAM to et
14:58
<mwalters>
mine is "yes"
14:59
hold up... what's the goal? let people log into the clients via ssh?
14:59
or the server
14:59
<danboid>
I'm trying to stop people logging onto our LTSP server using SSH passwords
15:00
keys only
15:00
<mwalters>
I'm not certain that's possible
15:00
<danboid>
but obvs we need to let users login with a password
15:00
<mwalters>
without adjusting how people authenticate on the clients
15:01
<danboid>
keys isn't goingto woprk for the clients
15:01
So the answer is no, an LTSP server must have SSH password login enabled then
15:02
alkisg, ^^4
15:02
<alkisg>
danboid: eh, you can tell ldm to use keys; but this only makes sense if you someone already have them on the clients
15:03
*somehow
15:03
<danboid>
alkisg, That sounds like a lot of work
15:03
<alkisg>
For diskless clients, this doesn't make much sense, /home isn't there
15:03
<mwalters>
can LDM access USB?
15:03
<alkisg>
Unless your users carry a usb stick with them
15:03
<danboid>
Yep, diskless clients
15:03
<mwalters>
even in that scenario, I think you'd still want a passphrase depending on the environment
15:04
something you have (the usb key), something you know (a passphrase to decrypt the key?)
15:05
<alkisg>
danboid: how were you planning to authenticate the users? how would you know it's one user and not another one?
15:07
<danboid>
alkisg, The users all have passwords. I didn't know ldm was tied to SSH so I hoped to disabled SSH passwords, use keys for SSH and passwords for LTSP logins
15:08
<alkisg>
I see. Well, ldm had to communicate the password to the server somehow; and ssh is one of the most safe ways to do that.
15:08
You can use listenaddress etc or iptables to limit access to lan, sure
15:10
<danboid>
alkisg, Yes, I'll have to set up some firewall rules instead. Thanks!
15:10
<alkisg>
np
15:59danboid has left IRC (danboid!~ISDADS\sg@146.87.65.50, Remote host closed the connection)
16:08kjackal has joined IRC (kjackal!~quassel@2a02:587:311c:9d00:70ee:5f34:4c95:b67b)
16:25SYS64738 has left IRC (SYS64738!~jhonny5@159.213.93.166, Ping timeout: 244 seconds)
16:38ZAJDAN has left IRC (ZAJDAN!~zdenek@77.48.149.75, Quit: Konversation terminated!)
16:39ZAJDAN has joined IRC (ZAJDAN!~zdenek@77.48.149.75)
17:16adrianor1 has joined IRC (adrianor1!~adrianorg@187.113.219.107)
17:19adrianorg has left IRC (adrianorg!~adrianorg@189.58.180.113.dynamic.adsl.gvt.net.br, Ping timeout: 248 seconds)
17:57mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Quit: Leaving)
17:58mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
19:10
<mwalters>
I know this isn't ltsp specific, but how the hell do I trust a certificate on a client?
19:11
I've dropped the cert in /opt/ltsp/amd64/usr/share/ca-certificates and ran update-ca-certificates
19:11
(ran it from ltsp-chroom)
19:11
chroot, even
19:12
and updated the image
19:14
asdlfjkasdlkfj nvm
19:43statler has left IRC (statler!~Georg@gwrz.lohn24.de, Remote host closed the connection)
20:01ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Remote host closed the connection)
20:13book` has left IRC (book`!~book`@68.ip-149-56-14.net, Ping timeout: 250 seconds)
20:15alkisg has left IRC (alkisg!~alkisg@ubuntu/member/alkisg, Ping timeout: 250 seconds)
20:15book` has joined IRC (book`!~book`@68.ip-149-56-14.net)
20:15alkisg has joined IRC (alkisg!~alkisg@ubuntu/member/alkisg)
20:20
<mwalters>
I guess there's no way to do it system wide, I need to modify everyone's nssdb by hand =/
20:21
...which hilariously doesn't work with firefox... wasn't nss a mozilla project?
20:28
<quinox>
artisinal certificates, installed by hand for the best performance - the craftmanship is overpowreing
20:28
<mwalters>
organic, freerange, gluten free certificates
20:29
<quinox>
seeing how MATE destroyed the homepage of both my Firefox and Chrome without me even using MATE I can only assume there must be fully automated way of adding more certs
20:29
<mwalters>
I'm sure there is
20:29
but this is a problem for future mwalters
20:29
because now is the time to go get food and beer
20:29* mwalters waves
20:29
<quinox>
excellent idea
20:29
cheers
20:52Faith has left IRC (Faith!~Paty_@unaffiliated/faith, Quit: Leaving)
21:06vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
21:29kjackal has left IRC (kjackal!~quassel@2a02:587:311c:9d00:70ee:5f34:4c95:b67b, Ping timeout: 258 seconds)