On 2/24/2010 6:20 AM, D. Cooper Stevenson wrote: > Hi Josh, > > Here's a link to the remote X-Apps mini howto. > > http://www.faqs.org/docs/Linux-mini/Remote-X-Apps.html > > It occurs to me that you may, either now or in the future, wish to > connect to several different computers behind the firewall by name. For > example, you may, from your local client (technically termed the > 'server' in X protocol parlance), wish to connect to X applications on > both server1.remotehost.com and server2.remotehost.com. > > To actually reach the remote box behind the remote firewall (if not > using NAT beyond the initial connection or you wish to connect to more > than one remote machine) you need to use SSH tunneling. Basic > introduction here: > > http://www.revsys.com/writings/quicktips/ssh-tunnel.html > > One could also set up a permanent Virtual Private Network connection for > this purpose. Now, if you ran SSH through OpenVPN you would experience > performance problems. Still, if you ran, unencrypted, "plain Jane" > remote X sessions through the VPN connection this might really do the trick. > > I write, "might" as I do not know your specific bandwidth resources. > > The VPN/X route gives you the ability to do more than just remote X > connections--the VPN essentially "joins" your local X server into the > network of the remote network. See the diagram under the 'Road Warrior' > section here: > > http://www.shorewall.net/OPENVPN.html > > The above assumes you do not wish to open a separate port on the > firewall for each remote machine. I for security reasons this should be so. > > In summary, compressed SSH sessions are what you want for individual > connections to the remote machine. SSH tunneling will provide you with > multiple remote computer connections. If it seems reasonable that you > will expand the services between these two networks, consider > unencrypted X sessions over a Virtual Private Network. > > > > Very Best, > > > -Coop >
Thanks that helps a lot. I will have many clients behind potential firewalls that I'll want to log into One remote server which a person could then work from and alter all the clients configurations as needed. It has occurred to me that if I just ssh to a remote computer and not do X Forwarding that any X windows will be displayed on the remote and not local machine provided that xhost is allowed on the remote server. But I could possible use VPN to make a network connection and then just do a normal login from the server to each client as they would then be on my VPN and could authenticate as a normal network computer. I'm a bit concerned about performance and network bandwidth but I could play with it and figure it out. Thanks for the the suggestions. Josh _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
