Em 03-06-2014 18:45, Predrag Punosevac escreveu: > I am trying to configure our OpenBSD shell gateway as a proxy for X2Go > clients. Obviously by default port forwarding on privileged ports as > well as X11 forwarding is disabled. I read through man pages for > sshd_config but I am still not clear how should I edit them to enable > that a regular can use their LDAP account to log into shell gateway > which will proxy ssh connection to one of internal computing nodes. > The idea is to let people use X2Go clients with shell gateway as a > proxy to log into internal computing nodes and being able to run > MATLAB with GUI. > > Predrag > Your e-mail was a little confusing. Since x2go runs on top of ssh itself, and OpenBSD do not have a port of it, I'm presuming you have a x2go server running linux, behind your internet exposed OpenBSD gateway. Your life might be a lot easier if your clients login directly to your x2go server. All you need is to do is use pf and rdr your clients to the internal machine. If you have more than one x2go server, you might want to take a look at the relayd(8) daemon. It has functionality for doing ssh forwarding, with failover and round-robin capabilities.
Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC
