[FreeNX-kNX] FreeNX Security Model Challenge
Paul van der Vlis
paul at vandervlis.nl
Tue Jul 12 11:36:33 UTC 2005
Fabian Franz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wednesday, 15 June 2005 11:08, Paul van der Vlis wrote:
>
>>>This key is used to establish an initial secure tunnel, over which in
>>>the next stage the real login of the user, with his real (and hopefully
>>>kept secret by him!) credentials happens.
>>
>>By FreeNX, not by SSH. As a "stupid user", you maybe think you have SSH
>>security because only port 22 is open.
>
>
> This is correct.
>
>
>>>So it is a gross misrepresentation to paint the "--setup-nomachine-key"
>>>option as a "not really secure" one. It *IS* secure.
>>
>>It opens a door with a very secure lock (SSH) to a door with a less
>>tested lock (FreeNX).
>
>
> Yes, but the alternative would be to do it the Microsoft way:
>
> Let FreeNX run as root.
>
> ... Wait that's a bit more insecure, isn't it?
>
> Ok,
>
> here is a challenge for you.
>
> Make a concept, which is:
>
> - - As secure as SSH
> * In FreeNX _almost_ reached.
> * Key is protected from using port-forwarding / ...
> * nxserver shell was audited by SuSE Security Team.
>
> - - Allows central secure session management
> * Possible in FreeNX since day 0,5.
>
> - - Allows load balancing
> * Possible in FreeNX 0.5.0.
>
> - - Allows NX sessions only (possibly via KDE KIOSK, where you never see a
> shell)
> * Possible In FreeNX since day 0,5.
>
> - - Allows usage of public keys / smart cards / ...
> * I've recently proven that it's possible with the current model.
>
> - - Is easy to setup
> * This means no Kerberos infrastructure as dependency for example.
> * FreeNX is _almost_ easy to setup once you've understood the key/SSH
> hassles.
>
> If you provide me with such an architecture, I'll upgrade FreeNX to support it
> asap.

When you use your own keypair and not the default nomachine-key I do not
see a security-point. Or do I miss something?

I think it's important to look at the weak and the strong points of an
implementation. The strong point of using the nomachine-key is that it's
easy to install.

Here in Holland we say: "every advantage has its disadvantage".

With regards,
Paul van der Vlis.