I just spent a whole day on this, so I wanted to share it with some people who would understand the struggle.


The Scenario:

You have some remote users who need to securely access your application, delivered in plaintext over SSH.  To do this, they get a thin client delivered to them, fully set up.  However, most of these users have very limited computer knowledge, so they need the application to be as simple and responsive as possible.

The Solution:

The thin client needn’t have Windows on it.  Also Windows is slow (wimpy thin clients), prone to fickleness (“have you tried turning it off and on again?”), and insecure (no antivirus or even security updates are installed on the thin clients).


In fact, these users are so limited they shouldn’t even have a window manager at all.  No need to resize, copy & paste, or multitask – a single application window would be ample.  So let’s install just a plain edition of Debian, then run sudo apt-get install xinit, to get the barest of essential graphical libraries.

The Challenge:

Set up our thin clients, based on a Linux install, such that it boots quietly and quickly, automatically logs in as the user, waits for the network, and launches a Putty window.  When the user quits Putty, they should only have two options:  launch a new Putty session, or shutdown the computer.

The Yak: 

Because there’s no window manager, every Putty window is launched in its’ own session.  A new X11 session has number lock disabled by default.


The standard answer for controlling numlock, a program named “numlockx”, works just fine – however, because there’s no window manager, you can only send a single command to the X11 session.  Thus, you can either turn on NumLock, or you can launch Putty.

Shaving the Yak:

1)      Create the file ~/putty

This file contains the lines: 

numlockx on &

putty -load {your saved session}


2)      Launch the file with:

xinit ~/putty $* --

The End:

Now you can set up your silent boot (/etc/sysctl.conf -> kernel.printk), your automatic login (/etc/system/system/getty@tty1.service.d/autologin.conf), and your auto-start locked-down profile (~/.profile) with other tutorials available on the internet.


(PS they boot in about ten seconds, and our guinea pig testers love them)