RE: Send xterm to remote workstation with OpenSSH
From: Anthony Kim (entropy_or_sloth-securityfocus_at_yahoo.com)
Date: Wed, 17 Dec 2003 19:57:59 -0800 (PST) To: email@example.com
--- BOURGUIGNON D DvSI/SNPI MTY <firstname.lastname@example.org>
> Thank you all for your help and sorry for my poor english. That why
> I haven't succeed to explain my needs.
> I would like to send to a co-worker who only have a WinBox with
> PuTTy and X11 server but not OpenSSH server a xterm.
> I think my problem has no solution because the remote workstation
> must have a OpenSSH server to use Tunneling in that direction.
The thing is, a tunnel only encrypts the traffic that traverses the
established ssh connection. Say, you use a remote port forwarded
socket to send traffic to another party e.g.:
origin$ ssh -R xyz:some_other_host:abc remote_host
only traffic from origin to remote_host is encrypted, not traffic
between origin to some_other_host.
Example: Once I wanted telnet access to an internal company server from
outside our company firewall. From my workpc I run
$ ssh -R 2323:internal_host:23 my_home_pc
On my home pc, I telnet to port 2323, this travels through the
established ssh connection that I left running and out the other end of
my workpc to perform a standard TCP connection to internel_host port
23. The workpc to internal_host traffic is unencrypted. There you go,
Now if you don't need end to end encryption...the solution is simple.