Joerg,
In short: forget about it. If you're allowing users SSH access for X2Go, they WILL be able to copy data. You can make it a little harder for them if you think you have to, but as long as they are in control of the client hardware, they will always be able to do so.
X2Go is great to stop accidental copying when properly configured, but intentional copying - no.
Also, remember that keyboard input can be scripted and redirected to a file on the server, and screenshots can be OCR'ed on a client, or people can convert your data into QR codes on the server and screenshot and scan those.
So even if you'd use VNC and disable the clipboard there, you'd still not be safe from intentional copying.
Decades ago, in a lawsuit, a judge defined a computer as "a machine to copy ones and zeroes", and to be honest, that's what it does. If you want to try to stop it from doing that, good luck.
-Stefan
Am 20.12.21 um 12:08 schrieb Jörg Kastning:
Dear X2go users,
I'm trying to figure out whether X2go is a fitting solution for our project or not.
Users should get remote access to a host to execute applications in a graphical environment. These users must not be able to transfer any data or files to or from the target host.
Question 1: Is there a way to deactivate the clipboard or any drag'n'drop feature in x2go-server to prevent users from transering data?
Question 2: The documentation (at URL https://wiki.x2go.org/doku.php/doc:newtox2go#installation_and_use) mentions that the SSH server handels the X2go connections. Are there example configs that restrict SSH access to X2go but prevent users from transferring data via tools like scp or rsync?
Thank you in advance for your replys.
Regards, Joerg
x2go-user mailing list x2go-user@lists.x2go.org https://lists.x2go.org/listinfo/x2go-user
-- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243