[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:x2gobroker
wiki-admin at x2go.org
wiki-admin at x2go.org
Fri Feb 10 17:20:04 CET 2017
A page in your DokuWiki was added or changed. Here are the details:
Date : 2017/02/10 16:20
Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
IP-Address : 78.43.90.159
Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de
Old Revision: http://wiki.x2go.org/doku.php/doc:howto:x2gobroker?rev=1486743331
New Revision: http://wiki.x2go.org/doku.php/doc:howto:x2gobroker
Edit Summary: Further Layout fixes, added backup/monitoring/alerting note, added list of systems
User : stefanbaur
@@ -1,25 +1,37 @@
<note warning>
- This document takes you through the steps required to set up a simple demo environment for the X2Go Session Broker.
+ This document takes you through the steps required to set up a simple X2Go Session Broker demo environment, consisting of a test client (x2goclient1.x2go.example.com) and the following servers:
+ * ldap1.x2go.example.com
+ * nfs1.x2go.example.com
+ * pg1.x2go.example.com
+ *
x2gobroker1.x2go.example.com
+ * x2goserver1.x2go.example.com
+ * x2goserver2.x2go.example.com
+
**DO NOT EVER USE THIS IN A PRODUCTION ENVIRONMENT!
YOU WILL HURT YOURSELF VERY BADLY IF YOU IGNORE THIS WARNING!**
These instructions violate almost every "best practice"/standard there is!
- They are meant to get an X2Go Session Broker demo enviroment set up, fast. Nothing more, nothing less.
- It has the following shortcomings:
+ They are meant to get an X2Go Session Broker demo enviroment set up, fast.
+
+ Nothing more, nothing less.
+
+ This setup has the following shortcomings:
* Massive lack of security:
* Unencrypted LDAP connections
* All passwords - users, database admin, root, are set to the value "start"
* SSH keyfile login is only enforced for the root account
* No redundancy for critical components
* Only a single LDAP server, no replication
* Only a single NFS server
* Only a single Postgres server
+ * No
backup
+ * No monitoring/alerting
* No easy manageability/heavy abuse of LDAP:
* LDAP settings are converted from local settings on the "ldap1" server
* what ends up in LDAP this way is not something you want to work with in a production environment
* it will be faster to set up a new LDAP server with the proper settings for your production environment than to base your server on this demo and trying to "clean up" afterwards
* Also, no user-friendly tool to manage LDAP settings is installed by default.
</note>
--
This mail was generated by DokuWiki at
http://wiki.x2go.org/
More information about the x2go-commits
mailing list