Hi Terje, hi all,
On Fr 20 Apr 2012 09:49:02 CEST Terje Andersen wrote:
In my view, being able to enforce or restrict
- what kind of session the user(s)/group(s) should be able to access/use
- what kind of bandwidth (LAN/WAN/ADSL/dialup)
- printing for certain user(s)/group(s)/server(s)
- clipboard - only at server or client
- use of shared folders (for the x2go session)
- many more possibilities
... is valuable.
this feature already exists. Unfortunately, not in public. It is
called X2Go Session Broker and only exists in customized site
configurations for paying customers.
I have been nagging Alex recently to join in with me in providing a
generic solution of the X2Go Session Broker, but that is music of the
future, still.
However, the session broker will deliver session configurations to the
X2Go Client. It will not restrict access to the X2Go Server itself. As
Morty says, everything you can do with ssh -X can theoretically done
with X2Go.
Hardening of your system has to be done with SELinux/AppArmor & co.
Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...