[ale] Remote X (is a secure Full X session possible?)

Mike Panetta ahuitzot at mindspring.com
Thu Aug 29 22:54:22 EDT 2002 

Does anyone know how to do something like this, but instead of
forwarding just a single xterm over ssh, forward an entire 'X -query
[servername]' type session over ssh?  I would like to figure out how to
do a secure remote X session (ala XDM or rather GDM) via ssh or some
other secure means.

Thanks,
Mike

On Thu, 2002-08-29 at 06:46, Michael Kachline ext 2848 wrote:
> 
> > The first step to me, is to get remote (Desktop) X clients to run on my 
> > Laptop X server.  I'm having problems.
> > 
> > 1) login to Laptop
> > 2) xhost +Desktop
> > 3) ssh Desktop
> > 4) export DISPLAY=Laptop:0.0
> > 5) xterm &
> 
> 	This sounds right and not right. When you ssh to a host, the ssh 
> client will typically set up a phony DISPLAY on the remote machine. If you 
> want to ssh to the remote box, then it should be as simple as:
> 
> Laptop$ ssh desktop
> Desktop$ xterm &
> 
> ... If, when you ssh to dekstop, ssh issues a message to the tune of 
> "disabling remote forwarding", then edit your .ssh/known_hosts file, and 
> remove the key for "Desktop". SSH in again (this will pick up a new host 
> key for desktop). Once your ssh client sees the proper host key for the 
> host which you are connecting to, it will then allow for the above process 
> to work (Given you haven't disabled X forwarding in your /etc/ssh_config 
> or /etc/sshd_config).
> 
> 
> If you want to use the tried and true (and insecure) "xhost" method, then:
> 
> Laptop$ xhost +Desktop
> Laptop$ telnet Desktop
> Desktop$ export DISPLAY="Laptop:0.0"
> Desktop$ xterm &
> 
> 
> 	I've been down the xauth road and do not remember fond memories of 
> it. It was a difficult process which was thankfully superceded by ssh. I 
> would consider it a very last resort if you cannnot get one of the above 
> two methods to work.
> 
> 
> 							- Mike
> --------------------------------------------------------------------
>  Michael Kachline
>  Systems Programmer
> 
>  Intec Telecom Systems
>  Building G, 4th Floor                      
>  5775 Peachtree-Dunwoody Road            
>  Atlanta, GA  30342
> --------------------------------------------------------------------
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.
> 



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list