Re: question about x11 forwarding in ssh

From: Darren Tucker (dtucker_at_zip.com.au)
Date: 09/22/05

  • Next message: Bryan McAninch: "RE: question about x11 forwarding in ssh"
    Date: Fri, 23 Sep 2005 01:00:01 +1000
    To: Andre Charbonneau <andre.charbonneau@nrc-cnrc.gc.ca>
    
    

    Andre Charbonneau wrote:
    > But my question was geared toward what is happening on the ssh client
    > side. (sorry if I did not explain myself clearly...)
    > To rephrase my question: What does a ssh client have to do when it
    > receives a request to open a x11 channel? Does that SSH client have to
    > open a socket connection to the local X server?

    Yes, using whatever protocol the X server supports.

    For OpenSSH on Unix, this is determined by the SSH client's DISPLAY
    environment variable and will be either via a TCP connection
    ("hostname:N", "localhost:N" or "ipaddress:N") or a Unix domain socket
    ("hostname/unix:N" or ":N").

    > The library I'm currently trying to debug attempts to open a regular
    > socket to localhost, port 6000 (on the ssh client side, not on the sshd
    > side...), which is the usual port on which a X server will listen for
    > display 0, screen 0. But because my X server is started with "-nolisten
    > tcp", that port is not open, and the socket connection fails with a
    > "connection refused" exception, which is ok I guess knowing the fact
    > that my X server is not listening on this port. But I don't understand
    > then why the x11 forwarding works when I use the openSSH client at
    > command line to launch a remote application. Isn't the openSSH client
    > also attempting to connect to localhost:6000 in order to forward the x11
    > packets that are coming in through the ssh tunnel to the local X
    > server? Is it connecting to the X server in a special way? On another
    > port?

    It depends. If the SSH client's $DISPLAY points to a Unix domain socket
    then that's what's used rather than a TCP connection (take a look at
    channels.c:x11_connect_display in the source).

    Perhaps your library assumes it's always a TCP connection?

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
    

  • Next message: Bryan McAninch: "RE: question about x11 forwarding in ssh"

    Relevant Pages