IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 9 August 2020   (all times are UTC)

04:24mmarconm has left IRC (mmarconm!~Marcelo@unaffiliated/mmarconm, Quit: Leaving)
04:42jeremy3811 has joined IRC (jeremy3811!~jeremy381@14.96.84.219)
04:43
<jeremy3811>
is there a reason why ssh service is masked in /usr/share/ltsp/client/init/56-mask-services.sh?
04:49
<alkisg>
jeremy3811: yes, any service with public secrets in the exported image is unsafe
04:49
I.e. the ssh keys
04:50
quinox: (1) at this point you're supposed to completely disable pam_ltsp using OMIT_FUNCTIONS
04:51
Search for OMIT_FUNCTIONS site:github.com/ltsp for discussions about this
04:51
(2) man ltsp.conf, go to the EXAMPLES at the end, and see one way to provide a *local* root password
04:51
You don't want them to use the server root password and enable root ssh access; a local root shadow entry is a lot more safer
04:52
(3) search for ssh port site:github.com/ltsp/ltsp, you'll need a "POST_INIT_..=...sed" parameter for now
04:53
(4) if accountsservice is installed, then that info is saved in /var/lib/AccountsService/user...., which isn't mounted from the server, thus not saved
04:53
Otherwise, ~/.dmrc is used, which is
04:54
(5) POST_INIT runs very early; POST_SERVICE_x runs later on, similiar to the deprecated RCFILE, so start by testing POST_SERVICE_x
05:02
<jeremy3811>
got it, thank you
05:07
<alkisg>
jeremy3811: that's why epoptes is using reverse connections, which require only the public key on the clients, not the private key
05:07
<jeremy3811>
ok that makes sense
05:33
<alkisg>
urly, to set the default keyboard layout, run `sudo dpkg-reconfigure keyboard-configuration` either on the server if you're using chrootless, or in the chroot
05:44jeremy4812 has joined IRC (jeremy4812!~jeremy381@14.96.71.91)
05:46jeremy3811 has left IRC (jeremy3811!~jeremy381@14.96.84.219, Ping timeout: 260 seconds)
06:14jeremy4812 has left IRC (jeremy4812!~jeremy381@14.96.71.91, Remote host closed the connection)
08:13woernie has joined IRC (woernie!~werner@p5dded9eb.dip0.t-ipconnect.de)
08:13
<quinox>
most helpful, as always. Thanks
10:24
<alkisg>
:ltsp5
10:24
set img x86_32
10:24
set cmdline ro nbdroot=${srv}:/opt/ltsp/i386 init=/sbin/init-ltsp forcepae
10:24
kernel /ltsp/${img}/vmlinuz initrd=initrd.img ${cmdline}
10:24
initrd /ltsp/${img}/initrd.img
10:24
boot || goto failed
10:24
quinox: you need a manual entry similar to that ^ for ltsp5
10:25
The key part is init=/sbin/init-ltsp
10:41
<quinox>
👍
12:27adrianorg has joined IRC (adrianorg!~adrianorg@177.134.58.250)
12:30adrianor1 has left IRC (adrianor1!~adrianorg@179.177.210.206.dynamic.adsl.gvt.net.br, Ping timeout: 260 seconds)
12:38vsuojanen has joined IRC (vsuojanen!~vsuojanen@cable-hml-58568f-194.dhcp.inet.fi)
12:43vsuojanen has left IRC (vsuojanen!~vsuojanen@cable-hml-58568f-194.dhcp.inet.fi, Ping timeout: 256 seconds)
15:01ghaoil has joined IRC (ghaoil!~ghaoil@hs-user-138.wia.cz)
15:11GodFather has joined IRC (GodFather!~rcc@d53-64-7-141.nap.wideopenwest.com)
16:03vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
19:41vsuojanen has joined IRC (vsuojanen!~vsuojanen@cable-hml-58568f-194.dhcp.inet.fi)
19:51vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
20:11ghaoil has left IRC (ghaoil!~ghaoil@hs-user-138.wia.cz, Remote host closed the connection)
22:13vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)