
Re: idletimeout issues, and kerberos authentication

Bryan Stansell bryan@conserver.com
Fri, 9 Sep 2005 17:06:39 -0700 (PDT)


On Fri, Sep 09, 2005 at 02:00:32PM +0100, Peter Saunders wrote:
> Could this be changed, or another option be enabled? As it stands we have 
> terminal servers that time out after 15 minutes, so have an idletimeout of 10.
> However, most of the time, the hosts have actually written to the
> console in that time, so the idletimeout isn't required to actually send
> its string.

so, would most term servers reset their disconnect timer when data flows
either way?  my first impression was that data had to be sent to the
term server to keep it alive.  but if that's not the case, it can
certainly be changed so that the idletimeout doesn't fire until it's
totally quiet.

if anyone can prove that the idle bits work as i expected (data needs to
come into the term server), please let me know.  otherwise, i'll just go
on the assumption that data in either direction prevents the term server
from shutting things down and fix things as requested.  it certainly
makes sense (well, they both do, but this slightly more).

> The other useful option would be direct Kerberos support. That way, it
> would still authenticate users, but if they had an existing Kerberos
> credential a password would not be required. I'm not sure how easy or
> hard this would be to do in reality however :)

me either.  perhaps the PAM hooks would work?  i've never tried,
honestly.  i'd certainly put any kerberos patches into the distribution.
i don't have an environment to develop and test against (or any
knowledge of the kerberos api).

Bryan