06:00 | quinox has left IRC (quinox!~quinox@ghost.qtea.nl, Quit: WeeChat 3.3) | |
06:03 | quinox has joined IRC (quinox!~quinox@ghost.qtea.nl) | |
07:23 | ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz) | |
08:47 | vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:21:21:0:100b, Quit: leaving) | |
12:14 | danboid has joined IRC (danboid!~dan@portal.salford.ac.uk) | |
12:14 | <danboid> alkisg, debug results are in here
| |
12:15 | alkisg, askpass-ssh is getting the correct password
| |
12:16 | alkisg, pw_passwd in pamltsp isn't supposed to contain the password is it because that just contains x
| |
12:17 | I mean ssh-askpass is outputting the correct password
| |
12:20 | <alkisg> pw_passwd indeed is supposed to contain just x
| |
12:20 | OK then if sshfs has the key and the password I don't see why it wouldn't mount home, unless you blocked it in your sshd settings
| |
12:20 | Or in your firewall
| |
12:21 | (again, this is the server key, ignore it as you think it's about passwordless ssh which it isn't :))
| |
12:22 | <danboid> Which pam modules are required by LTSP? pam_exec...
| |
12:22 | pam_auth?
| |
12:23 | <alkisg> They're preinstalled
| |
12:23 | PAM is properly calling LTSP; you managed to see the password
| |
12:23 | Don't focus there anymore
| |
12:24 | The problem is that with the given user and password, sshfs didn't work
| |
12:24 | Which means something blocked it; focus on that
| |
12:24 | <danboid> I've checked its using the correct IP for the ssh (LTSP) server now
| |
12:25 | <alkisg> It should be using the hostname server, not an IP
| |
12:25 | So that the ssh key works
| |
12:27 | <danboid> OK but what about when you have to change the hostname of the SSH/LTSP server? I have to add it into /efc/hosts?
| |
12:28 | I can set the LTSP server IP in ltsp.conf via $SERVER, right? I've not tried that yet
| |
12:29 | I've only set $SSH_SERVER atm
| |
12:29 | <alkisg> You can change it whenever you want it the clients won't be affected because they'll still know it as "server"
| |
12:29 | It's a feature, not a restriction
| |
12:29 | You can also have a dynamic IP and it'll still work
| |
12:30 | <danboid> You're losing me. OK, so 'server' is not registered in our DNS to the LTSP/SSH server, it has a different hostname
| |
12:31 | Whern pamltsp tries to mount the home dirs, its tyrying to mount them from 'server', which is not is DNS or /etc/hosts
| |
12:31 | So I need to to tell LTSP the address of our LTSP server somewhere but where is best in my case
| |
12:31 | <alkisg> Why do you want to set things in ltsp.conf?
| |
12:32 | It's supposed to work out of the box... you only have one server, you don't need to set anything
| |
12:32 | <danboid> I'm trying to set this up the best way following your advice / the easiest to maintain way
| |
12:32 | that works
| |
12:32 | <alkisg> You might need to remove your ssh or firewall blacklists, but I don't think you need to touch ltsp.conf (except maybe to remove your custom IPs there...)
| |
12:32 | Remove SSH_SERVER, remove SERVER etc from ltsp.conf, then try again
| |
12:32 | <danboid> We have 2 LTSP servers
| |
12:33 | both booting uncoventionally
| |
12:33 | <alkisg> If you set SSH_SERVER, it means you also have taken care of the new ssh keys, that will use the IP instead of the server hostname
| |
12:33 | <danboid> on the same netqwork
| |
12:33 | <alkisg> OK let's keep things simple:
| |
12:33 | Remove everything that says SERVER or SSH_SERVER in ltsp.conf
| |
12:33 | And it's supposed to work
| |
12:33 | The server hostname is in the client /etc/hosts
| |
12:33 | LTSP puts it there automatically
| |
12:34 | You notify the LTSP clients of the server IP from ltsp.ipxe
| |
12:34 | You can blacklist/whitelist clients in dnsmasq
| |
12:35 | So, when clientX boots, ltsp-server1 will reply to it, while ltsp-server2 will ignore it
| |
12:35 | <danboid> No we can't bexcause we're usig an external DHCP server that I have o control over, basically
| |
12:35 | <alkisg> That proxydhcp reply is where the ltsp clients get the ltsp server IP
| |
12:35 | You don't need to put anything in ltsp.conf or in dns regarding the ltsp server IP
| |
12:35 | It's DHCP that does that step
| |
12:36 | So?
| |
12:36 | proxydhcp means that you choose which client to reply to
| |
12:36 | <danboid> OK, proxy dhcp isn't an option in our case
| |
12:36 | <alkisg> And that you don't have access to the external dhcp
| |
12:37 | How do you want to split the clients? From DHCP, from ipxe, from ltsp.conf?
| |
12:37 | Anyway Dan sorry but all this chat is taking 10 times longer than it would take me to solve the issue :)
| |
12:38 | I'll reply to one question per day, to save some time for other tasks! Cheers!
| |
12:38 | (sorry if that sounds ...weird, but it's the best I can do :))
| |
12:39 | <danboid> We will have to 'deactivate' the old LTSP server but it will still be mirroring the home dirs, then if the new LTSP server falls over,, w should be able to get the swapped over pretty quickly if not instantly. That's not fully planned out just yet I suppose.
| |
12:41 | dan__ has joined IRC (dan__!~dan@portal.salford.ac.uk) | |
12:41 | bluejaypop2 has joined IRC (bluejaypop2!~7f000001@72.52.80.246) | |
12:42 | jgee9 has joined IRC (jgee9!~jgee@186.80.49.20) | |
12:45 | bcg_ has joined IRC (bcg_!~b@dg4ybwyyyyyyyyyyyyyyt-3.rev.dnainternet.fi) | |
12:46 | bcg has left IRC (bcg!~b@dg4ybwyyyyyyyyyyyyyyt-3.rev.dnainternet.fi, Ping timeout: 240 seconds) | |
12:46 | bluejaypop has left IRC (bluejaypop!~7f000001@user/josefig, Ping timeout: 240 seconds) | |
12:46 | danboid has left IRC (danboid!~dan@portal.salford.ac.uk, Ping timeout: 240 seconds) | |
12:46 | jgee has left IRC (jgee!~jgee@186.80.49.20, Ping timeout: 240 seconds) | |
12:46 | jgee9 is now known as jgee | |
12:46 | * dan__ notices LTSP used to include a script called ltsp-update-sshkeys | |
12:48 | <dan__> alkisg, That was just an LTSP5 thing then or is the the fix to my problem?
| |
12:51 | Right I know what the issue at hand is now
| |
15:18 | woernie has left IRC (woernie!~werner@p5ddec734.dip0.t-ipconnect.de, Quit: http://quassel-irc.org - Chat comfortably. Anywhere.) | |
15:18 | woernie has joined IRC (woernie!~werner@p5ddec734.dip0.t-ipconnect.de) | |
15:37 | bluejaypop2 is now known as bluejaypop | |
16:03 | vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:21:21:0:100b) | |
17:34 | dan__ has left IRC (dan__!~dan@portal.salford.ac.uk, Remote host closed the connection) | |
20:54 | <ManuelGutierrezG> alkisg: Hi, i worked yesterday with the server you help me to start, but i want to ask you about the speed, my project goes to slow, my thinclient are 512MB RAM, 2GB SSD, gB LAN port, but i have a 100 LAN Switch
| |
20:55 | Can i do something to optimize the traffic to better the speed? Or should i change my switch?
| |
20:56 | <alkisg> Manuel Gutierrez Gomez: test a single client on 100 mbps. Then, if you change it to 1000 mbps, and you test 10 clients at the same time, you'll see the same speed as the single client on the 100 mbps switch
| |
20:56 | That means that if you don't like the 100 mbps speed for a single client, then upgrading to gigabit won't help much
| |
20:57 | Are you running the session locally, or via ssh -X, or via xrdp etc?
| |
20:57 | <ManuelGutierrezG> yes, i did that test, and go too slow
| |
20:57 | locally
| |
20:58 | I'll try with another switch and otrer client to see how goes
| |
21:08 | <alkisg> can you find your client cpu in cpubenchmark.net?
| |
21:11 | 512 is too little for modern linux to run locally
| |
21:19 | Try normal session (=slow), x2go and xrdp
| |
21:20 | If x2go seems better, there are some x2gothinclient packages that you can use: https://packages.debian.org/search?keywords=x2gothinclient
| |
21:20 | But in general, modern OS, browser etc need modern clients, with 2000+ cpubenchmark score, and 2GB+ RAM
| |
21:39 | ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving) | |