[FreeNX-kNX] nxclient and "challengeresponseauthentication no"

Rick Stout zipsonic at gmail.com
Mon Feb 6 15:59:47 UTC 2006


Give us a real-world scenario where you can take over a box if you have
the client.id_dsa.key. Please do this, and we'll look into it.
Step-by-step, how you would do it is necessary.

I believe that your understanding of the operating system is lacking
somewhere, or you are missing something about the security in NX. To
switch to user NX, you have to have wheel/sudo access. If you ssh
into the box as user nx, you only get the nxserver as your shell (which
really isn't a shell), so you can't su to any other user. Where is the
security hole?

Regards,

Rick Stout

> 
> Just run nxclient?  Type in your boss's userid and password and xterm
> with the shell of your choice in unix custom?  I fail to see much
> distinction between typing "su..." at a prompt and having nxserver run
> it for me, if I control the input.
> 

Btw, if you have your boss's userid and password, the security hole is
there, not with nx.


