[ale] X through a Masq'ing firewall?

Chris Ricker gt1355b at prism.gatech.edu
Tue Nov 18 21:07:12 EST 1997


On 18 Nov, Robert L Harris wrote:
>> On 18-Nov-97 Robert L Harris wrote:
>> > Ok,
>> >   I have 2 machines,  dogbert the local machine and moat the firewall.
>> > My isdn line is hooked up to moat which is hooked up via ethernet to
>> > dogbert.  Anyway, is there a way to run X from the net to dogbert since
>> > it's a Masq'ed machine (ip=192.168.0.2) ?

If you're wanting to run apps on dogbert and display them at work, you
can just use -display work.machine.ip:0.0 or whatever to get it to
display (assuming you've configured xauth to allow appropriate access).

If you're wanting to run apps at work and display them on dogbert,
you'll need ssh like David said; you don't have a valid display name
(according to your work computer) to display apps on, so you need ssh to
do its X forwarding magic....  What you'll need to do is ssh to moat
from work, then ssh to dogbert from moat.  Assuming ssh is set up
correctly on all three, you can then just type, say,
/opt/netscape/netscape from the ssh session on dogbert and netscape 
will show up on your work machine.

> What's involved in setting up ssh daemons and such?  Do I have to have root
> access on the boxes?

> I'm pretty sure my ISP won't let me get away with that.  Probably can at
> work though.

Take a look at http://www.cs.hut.fi/ssh/ for more info about it.  You
can probably con your ISP into installing it since it is a Good Thing
(tm), though they might not want to because of the added cpu load. 
Really, though, all you need it on is moat, dogbert, and your work
machine for what you want to do.  If your linux boxes are Red Hat,
you can get RPMs from ftp.replay.net with all the other crypto stuff. 
You'll have to recompile them if you're using glibc (though I may have
RPMs compiled against glibc from when I upgraded).

later,
chris

--
Chris Ricker                                        gt1355b at prism.gatech.edu
                                                       Chris.Ricker at ipst.edu
"These days, you can't throw a tomato out the
window without hitting a college kid who knows
and loves Linux."    --Nicholas Petreley--






More information about the Ale mailing list