[Thinlinc-technical] Requests regarding ThinLinc client (Linux)
Jens Langner
j.langner at hzdr.de
Fri May 31 10:50:08 CEST 2013
Dear Thinlincer,
we are happily using ThinLinc here. While finalizing our thin client environment we have, however, stumbled over a few things we would like to see discussed/addressed here.
In our environment we are using an own user interface and startup tool where our users can select the server they want to connect to (based on protocol like RDP, ThinLinc, VNC, etc) and where they can then directly enter the username and password. After supplying the credentials, our user client then automatically starts the thinlinc client (Linux) with the username and password supplied and directly connects to it without forcing the user to again enter username/password in the thinlinc client gui. The following two things would really be nice to see implemented in the client gui:
1) As we supply the password on command-line via the "-p" option potential hackers could easily retrieve the user password in clear text by simply listing all running processes via the "ps" command on linux. To prevent this for other terminal clients like "rdesktop" these clients support to supply the password via stdin by using something like "-p -" and then pipe the password into the client via "echo PASSWORD | rdesktop -p -". In the end the password is then not visible when using "ps". For ThinLinc this is currently not possible and we would really like to see such a possibility added to one of the next versions of the ThinLinc client. This would really make such ThinLinc environments more secure.
2) When automatically connecting to a thinlinc server by calling the client with username, password and server name the client GUI always pops up while trying to connect to the ThinLinc server. There is, however, no option to suppress the ThinLinc client user interface completely. In our environment we would like to be able to do this and rather see the thinlinc client connecting to the server without popping up any user interface at all. In addition, we would like to see the client immediately exiting with an error status code if the password or username or anything else is supplied incorrect. Currently the ThinLinc interface requests a correct username/password instead which however is the job of our own connection client and which we want to address there instead.
Is there any possibility we might have missed in the documentation which would allow the above already or are there any chances to see these things implemented shortly in one of the next nightly builds?
best regards,
jens
--
Dr. Jens Langner
Helmholtz-Zentrum Dresden-Rossendorf
Institute of Radiopharmaceutical Cancer Research
Department of Positron Emission Tomography
POB 51 01 19, 01314 Dresden, Germany
http://www.hzdr.de/ | +49 351 260 2757
Vorstand: Prof. Dr. Dr. h. c. Roland Sauerbrey
Prof. Dr. Dr. h. c. Peter Joehnk
VR 1693 beim Amtsgericht Dresden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2345 bytes
Desc: not available
URL: <http://lists.cendio.se/pipermail/thinlinc-technical/attachments/20130531/c7f2e264/attachment-0004.p7s>
More information about the Thinlinc-technical
mailing list