GDM Setup



When gdm starts, it normally forks an Xserver and a greeter for each normal display. I know that choosing is not yet supported; however, I would eventually like to be able to configure my gdm to instead start a chooser slave for each local display. In gdm.conf it could be an option like IndirectLocalDisplays=1 (perhaps it would automatically add -indirect localhost to the Xserver string in the same manner it adds -auth <authpath>). It would then treat the local display as if it were a remote terminal choosing indirectly. (It would be nice if it would detect a localhost login request and allow the system menu options.)

That would be *relatively* easy to implement, being that it simply uses the normal XDMCP protocol and requires only normal indirect display manager behaviour. Perhaps the greeter could even allow an option to drop back out to the chooser, etc...

On the above setup: when, if ever, would such a setup be possible?


But a better alternative would be a new protocol: GDMCP. It would not need support in the Xserver. (Until Xservers only accept encrypted net connections, they are no good for this.)

---------------------------------
GDMCP Description Semi-Proposal

Protocol client = Greeter (gdmlogin)
Protocol host = gdm daemon

Port: dunno yet

Upon startup the greeter broadcasts a PLEASE_HOST_ME packet. Any gdm hosts who are configured to host remotely over gdmcp will respond with a SURE_WHY_NOT packet. The greeter will remember each host that was willing to manage it. In the meantime it is connected to the local Xserver over a UDS and to the local gdm over a UDS. On the menu is an option (Choose another Host). If the user chooses to choose, then the greeter will send a HEY_SEND_ME_YOUR_ICON to each host that is willing, and willing hosts reply with a HERE_IS_MY_ICON packet also containing the icon (usual sanity checking). Once the user selects a new host, the greeter tries to establish an openssl connection to the willing host gdm (which listens for those). This connection then becomes analogous to the socket over which it is connected to the local gdm that spawned it originally (the usual authentication stuff). However (if the connection is over a network), instead of sending a cookie or something, once the user is authenticated the remote gdm spawns a port forwarder as a virtual display, and sets the user's display to that. The greeter then execs a smaller executable which forwards from the still-open openssl connection to the local UDS to the Xserver. The entire authentication/session would then be safer.

This would require a bit of work, and the integration of the openssl stuff into the build (I think you can get it to the GPL; their website is down right now, but I think it's the improved BSD which can be GPLed???). Also it would have to be excludable from the build (the entire GDMCP protocol maybe; it's no good without the crypto).


Protocol downsides:
        - only works with gdmcp compliant display managers & login clients.
        - would not be suitable for indirect displays; the greeter must *always* be run locally
          and connect to the Xserver through a local FIFO with appropriate permissions to an
          Xserver that was locally forked as well.
        - two extra processes (the forwarders). No getting around this until Xservers clean up
          their act. This may take a while as Xservers are not very interested in security yet;
          perhaps they'll learn once people start sniffing X traffic. Then the Xserver will run
          part of the protocol (the SSL connect to the server, and host keys rather than
          cookies; see below).
        - To get improved security gdm would have to manage a set of known host keys, and the
          protocol would have to include 1 hour server keys for servers in the style of openssh.
          I am not a fan of the DSA ElGamal Diffie stuff; RSA is so much more elegant, and it's
          the only one I would care to use. (Patent expires soon enough in the US, and it's
          unenforced against Free software as far as I know. Would still have to be excludable
          from the build in the configuration...) I'm also an IDEA fan still, but that's a
          tougher problem...

--------------------------------

Well, I don't know if you've heard about something like this before. I know one can start X progs using ssh, or something like that, but it's not the same as a full graphical remote login, esp. one that never requires a text command line or an insecure protocol. Eventually, once it's stable, you could even use GDMCP over the internet at large, allowing any display a chance to login. Then wherever you can take an xterm, you can take all the luxuries of your local console.


Regardless, I use gdm, and it works for me, and it works just fine. I like it and can't wait for a new version. Thanks for making it.
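The discovery phase of the GDMCP sketch above (PLEASE_HOST_ME / SURE_WHY_NOT, then HEY_SEND_ME_YOUR_ICON / HERE_IS_MY_ICON with sanity checking), as an added Python simulation that is not code from the post or from gdm. The packet encoding, the host names, the in-memory "broadcast" and the MAX_ICON_BYTES limit are assumptions made for the example.

```python
# Added simulation of the GDMCP discovery exchange from the post; not gdm code.
# Packet encoding, host names, the in-memory "broadcast" and MAX_ICON_BYTES are assumptions.
from dataclasses import dataclass, field
from typing import Dict, List, Optional

MAX_ICON_BYTES = 64 * 1024   # assumed sanity limit on a HERE_IS_MY_ICON payload
ICON_PREFIX = b"HERE_IS_MY_ICON "

@dataclass
class GdmHost:
    """Protocol host: a gdm daemon, possibly configured to host remotely over GDMCP."""
    name: str
    host_remotely: bool
    icon: bytes = b""

    def handle(self, pkt: bytes) -> Optional[bytes]:
        # A host answers only the two request packets, and only when willing;
        # anything else is dropped without a reply.
        if not self.host_remotely:
            return None
        if pkt == b"PLEASE_HOST_ME":
            return b"SURE_WHY_NOT"
        if pkt == b"HEY_SEND_ME_YOUR_ICON":
            return ICON_PREFIX + self.icon
        return None

@dataclass
class Greeter:
    """Protocol client: the greeter, which remembers which hosts were willing."""
    willing: List[GdmHost] = field(default_factory=list)

    def discover(self, hosts: List[GdmHost]) -> List[str]:
        # "Broadcast" PLEASE_HOST_ME and remember every host that says SURE_WHY_NOT.
        self.willing = [h for h in hosts if h.handle(b"PLEASE_HOST_ME") == b"SURE_WHY_NOT"]
        return [h.name for h in self.willing]

    def fetch_icons(self) -> Dict[str, bytes]:
        # Only remembered hosts are asked; each reply gets the "usual sanity
        # checking": correct prefix and a non-empty icon within the size limit.
        icons: Dict[str, bytes] = {}
        for h in self.willing:
            reply = h.handle(b"HEY_SEND_ME_YOUR_ICON")
            if reply is None or not reply.startswith(ICON_PREFIX):
                continue
            icon = reply[len(ICON_PREFIX):]
            if 0 < len(icon) <= MAX_ICON_BYTES:
                icons[h.name] = icon
        return icons
```

A host that never answered PLEASE_HOST_ME is never asked for an icon, and an empty or oversized HERE_IS_MY_ICON payload is dropped rather than shown to the user.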


