hi all, hi esp. devs,
the LinDix company in the Netherlands has asked me to work on another
project in the context of X2go.
A couple of weeks ago we discussed possibilities of approaching the
usage of X2go in SaaS environemts (that is: not ,,Desktop as a
Serice'', but Software as a Service, meaning single, dedicated
applications in this context).
The vision is:
(a) to have a server-side X2goSSH service similar to OpenSSH that can be configured via ACLs so that remote application can be granted/denied to specific users and/or specific groups. Opposed to OpenSSH this X2go service will be able to restrict the execution of remote (server-side) commands very pedantically.
(b) to provider X2go remote apps through the programmes' menu on your local desktop
In this mail I will address vision (a) in detail:
====================
The basic ideas of such an X2goSSH service are:
o instead of using OpenSSH daemon the client connects to X2goSSH daemon o the X2goSSH service will wrap around the standard x2goserver command set o installation of X2goSSH will be optional o the client has to support the usage of the server-side X2goSSH (i.e. there will be a parallel implementation within python-x2go code) o the client has to be able to detect if it is talking to a normal OpenSSH daemon or if it is talking to the restricted X2goSSH service o the X2goSSH service will be implemented with Python-Paramiko/SSH
o behind the X2goSSH service there listens an X2go'ish shell that
guards and wraps around the actual execution of the already known x2go
comands (note again: X2goSSH+X2goSHELL is a wrapper for
x2goserver commands)
o With the help of a guy from LinDix.NL (and others?) I will soon start working on a possible X2goSSH+X2goSHELL command protocol in the X2go wiki
o the proposed project name will be python-x2goserver, it will
contain several
packages/subprojects
python-x2goserver-x2gosshd
python-x2goserver-x2goshell
python-x2goserver-x2goacl
x2gosshd (the actual daemon)Greetings + Request for Comments, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...