RE: X11 forwarding help

From: Pham Tuan-TPHAM4 (Tuan.Pham@motorola.com)
Date: 02/13/03

  • Next message: Leland T. Snyder: "Open SSH and OpenSSL services"
    From: Pham Tuan-TPHAM4 <Tuan.Pham@motorola.com>
    To: "'Anthony Kim'" <Anthony.Kim@VW.COM>
    Date: Thu, 13 Feb 2003 10:27:07 -0600
    
    

    I tried that before but that didn't seem to help. Our program actually died on us.

    However, we've got it working without ssh's built-in X11 forwarding / X authorization .

    Thanks to David Barr...

    "You could try setting up your own port redirection so that you can forward
    X connections without going through ssh's X authorization.

    It sounds like you'll have to do two forwards (one for each hop). Do
    something like "ssh -x -R6010:foo:6000 host1" where foo is the hostname
    portion of your DISPLAY variable (maybe localhost). After you get to
    "host1", type "ssh -x -R6010:localhost:6010 jinx", which will redirect
    back to the first tunnel that you set up. When you log into jinx,
    manually set your DISPLAY variable to localhost:10. On the machine where
    you first issued ssh, type "xhost +host1" (or whatever your intermediate
    host is), because that is where the X clients will appear to be coming
    from to your X server. You might have to pick different port numbers that
    6010 if they are in use already on intermediate and remote hosts. The
    DISPLAY variable is converted to a port number by adding 6000 to the
    screen number (the :0 thing at the end)."

    --Tuan

    -----Original Message-----
    From: Anthony Kim [mailto:Anthony.Kim@VW.COM]
    Sent: Wednesday, February 12, 2003 3:31 PM
    To: secureshell@securityfocus.com
    Subject: Re: X11 forwarding help

    On Wed, Feb 12, 2003, Pham Tuan-TPHAM4 wrote:
    >
    > I'm using ssh to do X11 forwarding over a gateway and it seems to work
    > fine most of the time (xterms, xclocks). However, for some gui
    > applications, I get the "X11 connection rejected because of wrong
    > authentication." error. I have tried googling and tried different
    > things but I can't seem to get it working. I was wondering if anyone
    > knows what is going on. Thanks.

    On the server, try setting X11UseLocalhost no



    Relevant Pages

    • Re: How do I port forward through 2 remote hosts?
      ... > tunnel through port 119. ... port 119" does not mean anything. ... NNTP server running on C. ... > remote hosts to accept tunnelling of port 119 through themselves. ...
      (comp.security.ssh)
    • RE: Some technical errors
      ... If the SMTP server is not running on port 25 TCP it is not a public ... Manager - Computer Assurance Services BDO Chartered Accountants & ...
      (Security-Basics)
    • Re: Managing "capabilities" for security
      ... default tickets are held by the kernel and can be chosen by the parent ... The default ticket for any particular call is assumed unless the ... than to check that the server address on the ticket is good. ... the kernel had to invoke the RPC if the service port IN YOUR ...
      (comp.arch.embedded)
    • Re: SRV RRs support in Internet Explorer?
      ... The port number could be implicit (i.e. ... At any point in time, a server could fail ... can't effectively LB or backup because NSs cache the records for the TTL ... I still don't see how SRV records would help backup or LB. ...
      (microsoft.public.win2000.dns)
    • Re: Still cant connect to RWW or OWA remotely
      ... I get 'cannot find server or dns error' on both ... TCP [port number]> to open the ports. ... As for error messages when I fail to access RWW with the laptop, ... network, no connection seems possible. ...
      (microsoft.public.windows.server.sbs)