[ale] Remote X (is a secure Full X session possible?)

Mike Panetta ahuitzot at mindspring.com
Thu Aug 29 23:16:06 EDT 2002


Yeah... That will work, but I was hoping for a more clean cut solution.
Something like GDM does which if set up right (well I know XDM will do
it) will allow you to pick what machine you want to connect to from a
list after connecting to the main XDMCP server....  Has anyone developed
an SSL version of the X protocol yet?   Would that even make sense...?

The next thing I would have to do is try to figure out how to get esound
to "automaticly" work over the network.  I know its a networkable daemon
(I have actually done it by hand so that it would send all my sounds
across the network) but I do not know if Gnome supports configururing it
in that manner on startup...  Ofcourse, it would not be secure... 
Atleast not without some hacking...


Mike

On Thu, 2002-08-29 at 21:03, John Wells wrote:
> Mike,
> 
> I'm sure there's a better way, but I've done this by starting an xterm
> over ssh and then running gnome-session from the xterm.
> 
> John
> 
> 
> On Thu, 2002-08-29 at 22:54, Mike Panetta wrote:
> > Does anyone know how to do something like this, but instead of
> > forwarding just a single xterm over ssh, forward an entire 'X -query
> > [servername]' type session over ssh?  I would like to figure out how to
> > do a secure remote X session (ala XDM or rather GDM) via ssh or some
> > other secure means.
> > 
> > Thanks,
> > Mike
> > 
> > On Thu, 2002-08-29 at 06:46, Michael Kachline ext 2848 wrote:
> > > 
> > > > The first step to me, is to get remote (Desktop) X clients to run on my 
> > > > Laptop X server.  I'm having problems.
> > > > 
> > > > 1) login to Laptop
> > > > 2) xhost +Desktop
> > > > 3) ssh Desktop
> > > > 4) export DISPLAY=Laptop:0.0
> > > > 5) xterm &
> > > 
> > > 	This sounds right and not right. When you ssh to a host, the ssh 
> > > client will typically set up a phony DISPLAY on the remote machine. If you 
> > > want to ssh to the remote box, then it should be as simple as:
> > > 
> > > Laptop$ ssh desktop
> > > Desktop$ xterm &
> > > 
> > > ... If, when you ssh to dekstop, ssh issues a message to the tune of 
> > > "disabling remote forwarding", then edit your .ssh/known_hosts file, and 
> > > remove the key for "Desktop". SSH in again (this will pick up a new host 
> > > key for desktop). Once your ssh client sees the proper host key for the 
> > > host which you are connecting to, it will then allow for the above process 
> > > to work (Given you haven't disabled X forwarding in your /etc/ssh_config 
> > > or /etc/sshd_config).
> > > 
> > > 
> > > If you want to use the tried and true (and insecure) "xhost" method, then:
> > > 
> > > Laptop$ xhost +Desktop
> > > Laptop$ telnet Desktop
> > > Desktop$ export DISPLAY="Laptop:0.0"
> > > Desktop$ xterm &
> > > 
> > > 
> > > 	I've been down the xauth road and do not remember fond memories of 
> > > it. It was a difficult process which was thankfully superceded by ssh. I 
> > > would consider it a very last resort if you cannnot get one of the above 
> > > two methods to work.
> > > 
> > > 
> > > 							- Mike
> > > --------------------------------------------------------------------
> > >  Michael Kachline
> > >  Systems Programmer
> > > 
> > >  Intec Telecom Systems
> > >  Building G, 4th Floor                      
> > >  5775 Peachtree-Dunwoody Road            
> > >  Atlanta, GA  30342
> > > --------------------------------------------------------------------
> > > 
> > > 
> > > ---
> > > This message has been sent through the ALE general discussion list.
> > > See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> > > sent to listmaster at ale dot org.
> > > 
> > 
> > 
> > 
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> > sent to listmaster at ale dot org.
> > 
> 
> 



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list