Results 1 to 2 of 2
No answers here but I've struggled with XDMCP on recent Ubuntus. It worked very nicely in 8.04. I wonder what happened? Did Debian decide to discard XDMCP because of security ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 12-14-2011 #1
- Join Date
- Dec 2011
Did Debian discard XDMCP because of security risks?
- 12-14-2011 #2There seems to be no replacement with similar capabilities.
XDMCP is inherently insecure as it does not encrypt your traffic. XDMCP is analogous to telnet, and therefore they share the same security issues. Over wireless, anyone can listen to your traffic and easily record your keystrokes. They can likely read what is being display on your screen. Over a wired LAN, this is more difficult but still possible. Over both, it is still somewhat easy for someone hijack your session and assume control of the sever. Therefore, only use XDMCP on a wired network that you you trust. Also, consider using alternatives that feature security (and often compression) such as NX.