[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce

wiki-admin at x2go.org wiki-admin at x2go.org
Sat Feb 25 10:29:56 CET 2017 

A page in your DokuWiki was added or changed. Here are the details:

Date        : 2017/02/25 09:29
Browser     : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
IP-Address  : 78.43.90.159
Hostname    : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de
Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1488014881
New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce
Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - updated what ldap parameter is for
User        : stefanbaur

@@ -710,9 +710,9 @@
    * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI
    * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical
X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here.  Note that you should use a more descriptive name for the file, as described below. Also note that whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients.  To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate.
    * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server.  **Attention: Whoever manages to spoof this server name will have root access to your ThinClients. Using HTTPS will mitigate this - an
attacker would not only have to spoof the server name, but also the matching certificate.**
    * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen.
-   * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to authenticate against
+   * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to connect to - note that this is not needed for LDAP-based authentication, only when you intend to store entire session profiles in LDAP. You should really consider
using the X2Go Session Broker instead.
    * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication
    * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication 
    * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds.
    * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings.


-- 
This mail was generated by DokuWiki at
http://wiki.x2go.org/

More information about the x2go-commits mailing list