[FreeNX-kNX] FreeNX Security Model Challenge
Toby Dickenson
toby at tarind.com
Tue Jul 12 17:46:34 UTC 2005
> >>If you use the one distributed for all interested people that download
> >>any NX package, SSH's security is disabled in regard of access control.
> >
> > Wrong here.
>
> Maybe you can enlighten me here.. If you agree with the next point, that
> every one can use the public key to connect to the NX shell, what
> exactly is your "wrong here" point? I mean - I could answer with "No,
> right here", but that would be quite unlikely to help. What I meant to
> say was: SSH won't help against anyone accessing the NX shell
This is relevant to more than just access control. It is not clear whether ssh
used in this configuration will be able to defend against other types of
attack, for example spying on the NX session or hijacking the session once
the subsequent doors have been opened by the legitimate user.
More information about the FreeNX-kNX
mailing list