Hi Stefan,
On Mi 23 Mär 2016 09:05:40 CET, Stefan Baur wrote:
Am 22.03.2016 um 12:14 schrieb Mike Gabriel:
Where do you actually have the X2Go Broker installed? On both X2Go Servers? This is a non-recommended setup.
The recommended setup is:
on broker machine, several X2Go Servers
or
two broker machines (with DNS round robin), several X2Go Servers
What's the reason for this?
Our idea was to install the broker on all X2Go Servers, and have one Round-Robin-DNS entry for the broker connection, as well as separate names for the servers themselves.
broker.example.com -> 192.168.0.10, 192.168.0.20 #RRDNS primarynode.example.com -> 192.168.0.10 secondarynode.example.com -> 192.168.0.20
Is this still a bad idea, and if so, why?
If you setup the complete broker <-> broker-agent functionality, the
broker becomes quite powerful. The software design should be safe
regarding privilege handling.
However, I personally prefer to have the broker on a machine where
users won't get a login shell. It is just a gut feeling. In theory, it
should be safe having the broker on X2Go Servers. But still...
Mike
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40...