[FreeNX-kNX] FreeNX Security Model Challenge

Fabian Franz FabianFranz at gmx.de
Mon Jul 11 16:47:28 UTC 2005


On Wednesday, 15 June 2005 11:08, Paul van der Vlis wrote:
> > This key is used to establish an initial secure tunnel, over which in
> > the next stage the real login of the user, with his real (and hopefully
> > kept secret by him!) credentials happens.
>
> By FreeNX, not by SSH. As a "stupid user", you maybe think you have SSH
> security because only port 22 is open.

This is correct.

> > So it is a gross misrepresentation to paint the "--setup-nomachine-key"
> > option as a "not really secure" one. It *IS* secure.
>
> It opens a door with a very secure lock (SSH) to a door with a less
> tested lock (FreeNX).

Yes, but the alternative would be to do it the Microsoft way:

Let FreeNX run as root.

... Wait, that's a bit more insecure, isn't it?

Ok,

here is a challenge for you.

Make a concept, which is:

- As secure as SSH
	* In FreeNX _almost_ reached.
	* Key is protected from using port-forwarding / ...
	* nxserver shell was audited by SuSE Security Team.

- Allows central secure session management
	* Possible in FreeNX since day 0,5.

- Allows load balancing
	* Possible in FreeNX 0.5.0.

- Allows NX sessions only (possibly via KDE KIOSK, where you never see a shell)
	* Possible in FreeNX since day 0,5.

- Allows usage of public keys / smart cards / ...
	* I've recently proven that it's possible with the current model.

- Is easy to set up
	* This means no Kerberos infrastructure as a dependency, for example.
	* FreeNX is _almost_ easy to set up once you've understood the key/SSH
hassles.

If you provide me with such an architecture, I'll upgrade FreeNX to support it
asap. (If not, please shut up asap about the flaws of the current model.)

cu

Fabian
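As an added defender's check, not code from the FreeNX project or from anyone in this thread: a small Python audit of an authorized_keys file that reports, per key, whether it is tied to a forced command and has port, X11 and agent forwarding disabled, which is the property Fabian claims for the nx account's key. The sample lines are constructed, and the exact option set FreeNX's setup writes for the nx user is an assumption.

```python
# Constructed sample: a fully restricted nx-style entry, an unrestricted key,
# and a partially restricted one. The first line's option set is an assumption
# about what FreeNX's nxsetup writes, not copied from the project.
SAMPLE_AUTHORIZED_KEYS = """\
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/bin/nxserver" ssh-dss AAAAB3NzaC1kc3MA nx@example
ssh-rsa AAAAB3NzaC1yc2EA unrestricted@example
no-pty,command="/usr/bin/nxserver" ssh-rsa AAAAB3NzaC1yc2EA partial@example
"""

KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256")
# Forwarding restrictions a tunnel-only key should carry (OpenSSH option names).
REQUIRED = {"no-port-forwarding", "no-x11-forwarding", "no-agent-forwarding"}

def parse_entry(line):
    """Split one authorized_keys line into its option list and key part.
    Option values may be quoted and contain commas or spaces (e.g. command="...")."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    if line.split(None, 1)[0] in KEY_TYPES:      # no options prefix at all
        return {"options": [], "key": line}
    opts, cur, i, quoted = [], "", 0, False
    while i < len(line):
        c = line[i]
        if c == "\\" and quoted and i + 1 < len(line):   # escaped char inside quotes
            cur += line[i + 1]; i += 2; continue
        if c == '"':
            quoted = not quoted
        elif c == "," and not quoted:
            opts.append(cur); cur = ""; i += 1; continue
        elif c == " " and not quoted:                      # end of options field
            break
        cur += c
        i += 1
    opts.append(cur)
    return {"options": opts, "key": line[i:].strip()}

def audit(entry):
    """Report forced command and missing forwarding restrictions for one entry."""
    names = {o.split("=", 1)[0].lower() for o in entry["options"]}
    forced = "command" in names
    # 'restrict' (OpenSSH 7.2+) disables all forwarding in one keyword.
    missing = [] if "restrict" in names else sorted(REQUIRED - names)
    parts = entry["key"].split()
    comment = parts[2] if len(parts) > 2 else ""
    return {"comment": comment, "forced_command": forced,
            "missing": missing, "restricted": forced and not missing}

def audit_file(text):
    """Audit every non-comment line of an authorized_keys file."""
    return [audit(e) for e in map(parse_entry, text.splitlines()) if e]
```

A key that shows `forced_command` false or a non-empty `missing` list gives the holder of that shared key more than a tunnel into nxserver.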