[mythtv-users] Has anyone configured a "semi"-diskless frontend?
mythtv-users at fastdruid.co.uk
mythtv-users at fastdruid.co.uk
Fri Jan 7 03:36:43 EST 2005
Brad wrote:
>
> On Thu, Jan 06, 2005 at 06:11:22PM -0600, Kevin Kuphal wrote:
> > It'd sure be nice if there was a way for a mythfrontend to discover
> > all
> > the settings needed on a network. Something like
> > Rendevous/ZeroConf/UPnP. Does anyone who runs KnoppMyth in
> this way
> > know what all the settings are that are asked for on boot?
> Is it just
> > the address of the master backend or are there more?
>
> Strictly, it's the address of the database server, which then
> reveals the address of the master backend and other backends.
>
> Indeed, discovery and plug and play are very useful ideas,
> and no doubt are on the feature list somewhere.
>
> You can't really discover SQL servers without opening up
> their security
> more than people like. So what would make sense would be for the
> master backend to listen for broadcast packets on a port, and
> respond to them with config info for frontends and other backends.
>From a 'proper' security point of view you don't want your
database to be findable, however from a 'I'm running this on a private
network with a decent firewall/no internet connection and no important
information saved' point of view it would be nice to have the option.
<snip>
>
> The most secure way to do it and still be close to ZUI is as follows.
>
> a) Client boots up.
>
> b) Master backend prompts somebody (a trusted client, or a user on the
> backend) saying, "1 and exactly 1 new clients have asked for
> access. Grant it?"
>
> c) You say yes, and you can be (generally) sure you're only
> giving access to the machine you just brought up.
>
> Ideally the front end machine is able to store something
> somewhere (or have its own password as a key to data in the
> database) so it doesn't have to follow this procedure every
> time in boots.
Better than that why not do it by MAC address recognition, first time a
machine
pops up the backend asks if you want to allow it, if you say yes that
MAC/IP
is stored. Next time it pops up it will go oh yes I grant access to that
one.
If it fails it could *then* ask for the username/password/backend IP,
that would
then work for dual boot machines[1]/windows machines.
Regards
David
[1]Or any other risky machines you might not want to automatically pass
the DB password to.
More information about the mythtv-users
mailing list