On Wed, Jul 23, 2008 at 05:12:13PM +0200, Christian Brandt wrote: > Instead of confusing everyone with x-server vs. dropbear-client I'll explain > what I am actually aiming for: > > I run a rather embedded simpad with local X display and a dropbear client on > which I want to diplay a remote application running on a full blown ubuntu > server tunneled through ssh. > > Now if I had ssh instead of dropbear on the simpad I could run xterm by > entering on the simpad: ssh -X server xterm - ssh gets a command line, sets > up a tunnel and sets $DISPLAY on the ubuntu machine in a sane way. But > dropbear doesn't... > > Dropbear seems to miss the "-X" option and offers nothing in exchange: > > [EMAIL PROTECTED]:/tmp/dropbear-0.51$ grep X11 options.h > /* Enable X11 Forwarding - server only */ > #define ENABLE_X11FWD > /* The command to invoke for xauth when using X11 forwarding. > #define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" > #ifndef ENABLE_X11FWD > #define DISABLE_X11FWD > defined(ENABLE_AGENTFWD) || defined(ENABLE_X11FWD) > > So could use X without tunneling like this: > simpad:~$ xhost + > simpad:~$ ssh -i ~/.ssh/id_rsa.db server > server:~$ export DISPLAY=simpad:0.0 > server:~$ firefox & > > ugly and insecure...
Well, if you have tcp connections enabled, then just copy the auth cookie, instead of leaving it open. like this: xauth list :0 | (read host type data; ssh server xauth add $(hostname):0 $type $data) You could even forward tcp connections, and just allow locally from localhost: xauth list :0 | (read host type data; ssh server -R 6010:localhost:6000 xauth add localhost:10 $type $data \; xterm) (exports and runs xterm) -- lfr 0/0
pgpAAGlEuJpvk.pgp
Description: PGP signature