Dell Wyse Enhanced Ubuntu Linux T50 Manual de usuario Pagina 118
- Pagina / 220
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Chapter 9. Authentication in ThinLinc
9.6. Using One Time Passwords
9.6.1. Introduction
In this section, we will describe how to configure ThinLinc for authentication against One Time
Password (OTP) servers, such as the NordicEdge One Time Password Server or RSA SecurID. By using
OTPs, you can increase the system security.
9.6.2. General Requirements
• An OTP server which accepts the OTP twice. This is due to the ThinLinc architecture: The client first
contacts the master machine, and then the agent host. The NordicEdge One Time Password Server has
built-in support for ThinLinc. When using RSA SecurID, we recommend using the Steel-Belted
Radius server as a "Token Caching Server".
• An user database (directory server) that is supported both by the operating system on the ThinLinc
servers, as well as the OTP server. We recommend using a LDAP directory server, such as Novell
eDirectory.
• The operating systems on the ThinLinc servers must support the OTP servers authentication protocol.
We recommend using the RADIUS protocol, by using the pam_radius_auth PAM module from the
FreeRADIUS project (http://www.freeradius.org).
• The SSH server on the ThinLinc servers must accept "keyboard-interactive" authentication. It’s
recommended to disable "password" authentication.
9.6.3. Configuration for NordicEdge One Time Password Server
This section describes how to deploy a OTP solution based on the NordicEdge One Time Password
Server. With this solution, OTPs are used in addition to normal passwords. Users should enter their
normal password in the ThinLinc client password input field, and the OTPs in the popup dialog that
follows.
The example below assumes that you are using LDAP and RADIUS. Step 2 through 8 should be
repeated on all ThinLinc servers.
1. Configure the OTP server, according to the OTP server documentation. Make sure to use an
appropriate "regenerate timeout" value. If this value is too short, authentication with the VSM agent
host might fail, even though authentication with the VSM server host succeeds.
2. Install pam_radius_auth. Some distributions, such as SUSE, includes this module.
3. Configure pam_radius_auth, by creating /etc/raddb/server . It should contain the OTP
server name, port, and a shared secret. Example:
myotpserver.example.com:1645 mysecret
4. Configure LDAP authentication according to your distribution’s documentation.
108
- Copyright © 2014 Cendio AB 2
- Table of Contents 3
- Chapter 1. Introduction 11
- 2.1. Session Overview 14
- Chapter 3. Installation 15
- 3.2.3. Server Sizing 16
- • Memory 17
- 3.3.4.1. Relays 21
- 3.3.4.2. DNS 22
- 3.5.1. Acquire New Licenses 23
- 3.5.4. Run tl-setup 24
- 3.7.1. Overview 25
- 3.8. VirtualGL 26
- Chapter 4. License Handling 29
- Chapter 5. Printer Features 31
- 5.2.1. CUPS Browsing 32
- 5.3. Local printer support 33
- 5.3.3. Device dependent mode 34
- 5.4. Nearest printer support 35
- 5.5. Printer Access Control 36
- 5.5.1. Theory of Operation 37
- 5.5.2. Requirements 37
- 5.5.4. Configuration 38
- 5.6.1. Configuration 39
- 6.1. Overview 41
- 6.1.3. Theory of Operation 42
- /etc/ssh/ssh_host_ 43
- /vsmserver/terminalservers 43
- 7.1. Client usage 47
- 7.1.3. Language Settings 49
- 7.1.5. The session menu 50
- 7.3. Local device export 53
- 7.3.3. Drives 54
- 7.3.4. Printer 54
- 7.3.5. Smart Card Readers 54
- 7.4. Client configuration 55
- 7.4.2. Local Devices tab 57
- /dev/ttyS0) or a Windows COM 59
- 7.4.3. Screen tab 61
- 7.4.4. Optimization tab 62
- 7.4.5. Security tab 65
- ALLOW_HOSTKEY_UPDATE 66
- Smart card - certificate filter 68
- 7.5. The XDM mode (UNIX only) 69
- 7.5.1.1. Mouse tab 70
- 7.5.1.2. Keyboard tab 70
- 7.5.1.3. Screen tab 71
- 7.6. Logfile placement 72
- • 1 for port 80 78
- • 0 for Raw 79
- • 5 for Hextile 79
- • 7 for Tight 79
- • 16 for ZRLE 79
- 7.8. Client Customizer 81
- 7.9. Advanced Topics 82
- 8.3. Linux PC 84
- ~/tl-4.3.0-clients 85
- 8.4. Solaris 87
- 8.5. Thin Terminals 87
- 8.5.3. VXL 89
- 8.5.4. HP ThinPro Terminals 89
- 8.5.5. IGEL Universal Desktop 90
- 8.5.8. Other Thin Terminals 91
- Terminal 92
- 8.6.2.1. Basic Configuration 93
- ServerAlias 94
- 8.7.3.1. Server Side 97
- 8.7.3.2. Browser Side 98
- Chapter 8. Client Platforms 100
- 9.2. Limitations 101
- • Trigger a run via iManager 104
- [root@test root] 105
- <filename.pem> 105
- 9.3.5.1. Functionality 109
- 9.3.5.2. Configuration 110
- 9.4.1. Introduction 111
- Single Sign-On 111
- 9.4.2. Key Generation 112
- 9.4.3. Server Configuration 112
- 9.4.4. Client Configuration 112
- 9.5.1. Introduction 113
- 9.5.2. General Requirements 113
- 9.5.3. Key Generation 113
- 9.5.4. Server Configuration 113
- 9.5.5. Client Configuration 114
- 9.5.6. Automatic Connection 114
- 9.5.7.1. Command line options 115
- 9.5.7.2. Configuration 116
- Configuration parameters 116
- 9.6. Using One Time Passwords 118
- Chapter 10. File Access 121
- 10.1.3.1. Using tl-mount-cifs 122
- 10.2.1. Introduction 123
- 10.2.2.1. Requirements 124
- 10.2.3.1. Requirements 126
- 10.2.3.2. Logging in 126
- 10.2.3.3. Mounting Shares 127
- 10.2.3.4. Logging out 127
- 10.2.4.1. Requirements 128
- 10.2.4.2. NDS Configuration 128
- 10.2.4.4. UNIX Configuration 129
- 10.3.1. Introduction 132
- 10.3.2. Activation 132
- 10.3.3. Configuration 133
- 11.1. Introduction 135
- 11.2. Single Sign-On 135
- 11.3. Connection Modes 135
- 12.1.1. Introduction 139
- 12.2.1. Introduction 141
- 12.2.2. Requirements 141
- 12.3.1. Introduction 142
- 12.3.2. Requirements 142
- 12.3.3.3. OSS applications 143
- 12.3.3.4. ALSA applications 144
- 12.4.1. Introduction 145
- 12.4.2. Requirements 145
- Commands in /opt/thinlinc/bin 147
- ~/.ICAClient/appsrv.ini and 152
- ~/.ICAClient/reg.ini 152
- --test ] 155
- 14.1.1. Configuration Options 157
- 14.1.2. Cluster Management 157
- 14.2.3. Parameters in /vsm/ 163
- 14.3.1.1. Log destinations 166
- 14.3.1.2. Subloggers 167
- 14.3.1.3. Log levels 167
- 14.3.2. Per-Session Logging 168
- • -MaxDisconnectionTime s 176
- • -MaxConnectionTime s 176
- • -MaxIdleTime s 176
- Chapter 15. Hiveconf 179
- 15.1.3. Mounting Datasources 180
- 15.2. Hiveconf and ThinLinc 181
- Administration Interface 183
- 16.3. Modules 184
- 16.3.3. The VSM Module 185
- 16.3.3.1. Home 186
- 16.3.3.2. VSM Master 186
- 16.3.3.3. VSM Agent 186
- 16.3.4. The Profiles Module 187
- 16.3.5. The Locations Module 189
- 16.3.5.2. Locations 191
- 16.3.6.1. Application Groups 193
- 16.3.6.4. Menu Structure 193
- Desktop Customizer 197
- 17.2.1. Concepts 198
- 17.2.3. Handling Applications 199
- • Command 200
- • Path to Icon file 201
- • Command Startup Feedback 201
- /opt/kde3 205
- See Section 16.2 for details 207
- /vsm/tunnelservices 208
- SSH tunnel, SSH terminated.) 212
- C.1. Schema extensions 215
- /etc/ldap.conf 216
Relacionado con productos y manuales para Servidores Dell Wyse Enhanced Ubuntu Linux T50
Servidores Dell EMC AX4-5I Manual de usuario
(5 paginas)
(5 paginas)
Servidores Dell 1955 Manual de usuario
(12 paginas)
(12 paginas)
Servidores Dell 8/8 Información técnica
(147 paginas)
(147 paginas)
Servidores Dell PowerEdge NM176 Guía de usuario
(292 paginas)
(292 paginas)
Servidores Dell PowerEdge VRTX El manual del propietario
(150 paginas)
(150 paginas)
Servidores Dell 800 Manual de servicio
(75 paginas)
(75 paginas)
Servidores Dell POWEREDGE R710 Especificaciones
(63 paginas)
(63 paginas)
Servidores Dell DAE Manual de usuario
(16 paginas)
(16 paginas)
Servidores Dell PowerVault 3000i Manual de usuario
(14 paginas)
(14 paginas)
Servidores Dell PowerEdge FE600W Manual de usuario
(34 paginas)
(34 paginas)
Servidores Dell PowerVault 3000i Especificaciones
(32 paginas)
(32 paginas)
Servidores Dell PowerEdge R610 Especificaciones
(61 paginas)
(61 paginas)
Servidores Dell PowerEdge 1950 El manual del propietario
(160 paginas)
(160 paginas)
Servidores Dell PowerEdge BMX01 Manual de usuario
(21 paginas)
(21 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.212 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales