Going slightly O/T
Is there a way of setting up dedicated X-terminals using SSH? I can see
security and compression benefits over conventional X-terminals. Has anyone
given it a try?
Aaron
> -----Original Message-----
> From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, July 11, 2001 10:43 AM
> To: DStevenson
> Cc: [EMAIL PROTECTED]
> Subject: Re: [expert] xhost problem
>
> On Tue, 10 Jul 2001, DStevenson wrote:
> > I put the xhost 192.168.0.10 into the file as you suggested, no change
> in
> > problem. I put it before the xsession command.
> >
> > What files are associated with the xhost system? The program xsane
> returns
> > the message 'Gtk cannot open display on xyz'. The other machine can open
>
> > windows in the other direction though. It is just the one machine.
>
> The way I run X programs remotely is using OpenSSH's built-in X
> forwarding.
>
> Under most setups, it should take no more than:
>
> ssh -l user server.foo.com
>
> Then, at the prompt:
>
> $ xsane
>
> If you echo the display on the machine you've ssh'd to, it should already
> have DISPLAY set to something. eg:
>
> server:12.0
>
> That way, you not only get pain-free X forwarding, it's wrapped in an
> ironclad encryption. You also don't need the X ports on your workstation
> open to any other machines, which can be a considerable security benefit.
> (since X runs as root and is a large and complex program read: more
> likely to have a vulnerability somewhere than a small, simpler program )
>
> To explicitly allow X support on the remote side, you may need to say:
>
> X11Forwarding yes
>
> And, using windows programs like SecureCRT, etc, the ones that do port
> forwarding generally have a checkbox for 'forward X11 packets' or somesuch
> in the port forwarding configuration section.
>
> For a unix client (the one you initiate the ssh session on)
> ForwardX11 yes (default in mandrake)
>
> And explicit command-line arg is -X to enable ssh forwarding. i.e.,
> ssh -X -l user host.foo.com
>
> There are also helpful things such as Compression that ssh can do if you
> ask it. Compression can be useful when your systems have fast CPU's, but
> their network connection is not as good as you'd like.
>
> Hope this helps!
>
>
> -pete
>
>
