On 11/26/06, Kazuyuki Inanaga <happyday@xxxxxxxxxxxxxx> wrote:
Hello.
My IIci has 250MB HDD, it's not big enough to install and run
X window system. So, I'm preparing;
1) mount /usr and swap with nfs
2) use xdm
With some tests (learning NetBSD is fun), it seems work fine.
I worry about "Security".
Can an attacker snoop those data traffic ? Maybe "YES", I guess.
My idea is:
There is no important data in 1), I don't need to worry about that.
Set and run SSH for xdm (ssh X11 port forwarding).
Does this make a sense ? Any hint or advice is appreciated.
(I read some man-pages with my poor English, I got headaches.)
Thanks,
Kazu Inanaga
I have a similar setup running, although with no X. NFS is an
unecrypted protocol. /usr, however, shouldn't have anything on it that
isn't already available for public download anyway. As far as
potential injection and man-in-the-middle attacks go, well, if you
have a halfway decent firewall you should be just fine (as long as
your picky about who you let into your network).
Since you're running /usr over NFS, why not just run X locally?
- mngrif
|
