Re: question about x11 forwarding in ssh

• Previous message: Andre Charbonneau: "Re: question about x11 forwarding in ssh"
• In reply to: Andre Charbonneau: "Re: question about x11 forwarding in ssh"
• Next in thread: Bryan McAninch: "RE: question about x11 forwarding in ssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 23 Sep 2005 01:00:01 +1000
To: Andre Charbonneau <andre.charbonneau@nrc-cnrc.gc.ca>

Andre Charbonneau wrote:
> But my question was geared toward what is happening on the ssh client
> side. (sorry if I did not explain myself clearly...)
> To rephrase my question: What does a ssh client have to do when it
> receives a request to open a x11 channel? Does that SSH client have to
> open a socket connection to the local X server?

Yes, using whatever protocol the X server supports.

For OpenSSH on Unix, this is determined by the SSH client's DISPLAY
environment variable and will be either via a TCP connection
("hostname:N", "localhost:N" or "ipaddress:N") or a Unix domain socket
("hostname/unix:N" or ":N").

> The library I'm currently trying to debug attempts to open a regular
> socket to localhost, port 6000 (on the ssh client side, not on the sshd
> side...), which is the usual port on which a X server will listen for
> display 0, screen 0. But because my X server is started with "-nolisten
> tcp", that port is not open, and the socket connection fails with a
> "connection refused" exception, which is ok I guess knowing the fact
> that my X server is not listening on this port. But I don't understand
> then why the x11 forwarding works when I use the openSSH client at
> command line to launch a remote application. Isn't the openSSH client
> also attempting to connect to localhost:6000 in order to forward the x11
> packets that are coming in through the ssh tunnel to the local X
> server? Is it connecting to the X server in a special way? On another
> port?

It depends. If the SSH client's $DISPLAY points to a Unix domain socket
then that's what's used rather than a TCP connection (take a look at
channels.c:x11_connect_display in the source).

Perhaps your library assumes it's always a TCP connection?

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

• Previous message: Andre Charbonneau: "Re: question about x11 forwarding in ssh"
• In reply to: Andre Charbonneau: "Re: question about x11 forwarding in ssh"
• Next in thread: Bryan McAninch: "RE: question about x11 forwarding in ssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SSH vs encrypted passwords ... This means that the SSH client and server ... The shared secret is the unhashed password. ... encryption ... (comp.os.linux.security) FW: SSH/SFTP rc problem in Solaris. ... I use SSH client and server on a Solaris 9 server, ... PKGINST: SUNWsshu ... bash-2.05$ sftp -b a.sftp scnsys11 ... (SSH) Re: ssh/telnet ... am trying to forward port 23 on the ssh client machine to port 23 on a ... My SSH client is WIN2K. ... My idea is to install openssh on a win2k server, ... (comp.security.ssh) Re: question about x11 forwarding in ssh ... But my question was geared toward what is happening on the ssh client ... open a socket connection to the local X server? ... socket to localhost, port 6000 (on the ssh client side, not on the sshd ... (SSH) Re: Conectivity problems affecting openssh ssh clients but not other ssh clients ... Debian unstable 4.6p1 OpenSSL 0.9.8e ... The problem exists on two accounts on the server. ... on my home network I installed sshd on the Debian machine. ... the java ssh client, I shell in to the Red Hat remote machine. ... (SSH)