[ale] ssh, DISPLAY, X11Forwarding

Dow Hurst dhurst at kennesaw.edu
Mon Sep 1 01:09:29 EDT 2003


David,
If you dive into the ssh docs, you should find how you can specify 
certain encryption types in your sshd_config file.  You can select none 
as an encryption method.  This essentially turns off all encryption.  
Now I use the ssh.com version of SSH and have tried this for a 
connection between two machines running within our VPN.  No encryption 
was needed and it did speed things up a bit.  Doing things this way does 
take care of xauth setup nicely since ssh does that for you.  You can 
tell X to use xhost instead of xauth and then do xhost 
remotemachine.yourdomain.org.  Then telnet to the remote machine and 
start your app.  The remote machine has permission for any user or app 
to display on your local machine's display.  Not secure at all but 
useable in a secure environment.  Either way works.  You'll have to dive 
into the X docs or grep out the file that has the xauth or xhost 
authentication setting.

IIRC, you can also specify certain encryption types for particular 
machines in ssh_config and sshd_config.  You'll have to read the man 
pages, I don't remember the specifics.  It may not be possible to do it 
per machine.  I can't remember that.  However, lots of stuff if 
configurable on a per machine or domain basis.   Hope this helps,
Dow


David Corbin wrote:

>When I "ssh -X", it correctly sets the DISPLAY to "localhost:10.0", and then 
>relays the all the X stuff.  Works great.  However, I'm thinking in my 
>environment, something better might work.  I'm on a home LAN, so I don't 
>really need to spend CPU cycles to encrypt everything.  Is there an SSH 
>option that says "don't bother encrypting"?
>
>As an extension of this, if I start on machine "b", and do "ssh -X a" and 
>there I do "ssh -X b", the path that the X protocol flows through seems 
>"unneccessarily complex".  Is there someone to set things up so this resolves 
>better and more efficiently automatically.
>  
>

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
*****************************************************************
This message (including any attachments) contains confidential  *
information intended for a specific individual and purpose,     *
and is protected by law.  If you are not the intended recipient,*
you should delete this message and are hereby notified that     *
any disclosure, copying, or distribution of this message, or    *
the taking of any action based on it, is strictly prohibited.   *
*****************************************************************


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list