[X2Go-Commits] [[X2Go Wiki]] page added: doc:howto:x2gobroker

wiki-admin at x2go.org wiki-admin at x2go.org
Fri Feb 10 17:14:56 CET 2017


A page in your DokuWiki was added or changed. Here are the details:

Date        : 2017/02/10 16:14
Browser     : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
IP-Address  : 78.43.90.159
Hostname    : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de
Old Revision: ---
New Revision: http://wiki.x2go.org/doku.php/doc:howto:x2gobroker
Edit Summary: created
User        : stefanbaur

<note warning>
This document takes you through the steps required to set up a simple demo environment for the X2Go Session Broker.
**DO NOT EVER USE THIS IN A PRODUCTION ENVIRONMENT!
YOU WILL HURT YOURSELF VERY BADLY IF YOU IGNORE THIS WARNING!**

These instructions violate almost every "best practice"/standard there is!
It is meant to get an X2Go Session Broker demo enviroment set up, fast. Nothing more, nothing less.

It has the following shortcomings:
  * Massive lack of security:
    * Unencrypted LDAP connections
    * All passwords - users, database admin, root, are set
to the value "start"
    * SSH keyfile login is only enforced for the root account
  * No redundancy for critical components
    * Only a single LDAP server, no replication
    * Only a single NFS server
    * Only a single Postgres server
  * No easy manageability/heavy abuse of LDAP:
    * LDAP settings are converted from local settings on the "ldap1" server
    * what ends up in LDAP this way is not something you want to work with in a production environment
    * it will be faster to set up a new LDAP server with the proper settings for your production environment than to base your server on this demo and trying to "clean up" afterwards
    * Also, no user-friendly tool to manage LDAP settings is installed by default.
</note>

-- 
This mail was generated by DokuWiki at
http://wiki.x2go.org/



More information about the x2go-commits mailing list