Re: X forwarding from another unix

From: Richard E. Silverman (res_at_qoxp.net)
Date: 11/05/04

  • Next message: Richard E. Silverman: "Re: Only accepting ssh tunnelling requests from a particular IP?" 
    Date: 04 Nov 2004 21:34:51 -0500

    If the USSHD/UX network is trusted, ssh ULOCAL->USSHD with X forwarding,
    arranging that the forwarded port on USSHD is not limited to loopback
    connections. Point the X clients on UX to the proxy X socket
    (e.g. DISPLAY environment variable). You will need to get the proxy xauth
    cookie from USSHD to UX.

    If not, then either chain together two SSH connections with X forwarding,
    or get an SSH session directly ULOCAL->UX using a second SSH connection
    ULOCAL->USSHD as an intermediary. 

    -- 
  Richard Silverman
  res@qoxp.net
  • Next message: Richard E. Silverman: "Re: Only accepting ssh tunnelling requests from a particular IP?"

    Relevant Pages

    • Re: SSH not setting DISPLAY variable
      ... > I'm having a rather strange problem with OpenSSH forwarding X11 ... > SSH and one of them works perfectly, but the other one does not. ... > On the second computer, "echo $DISPLAY" just gives a blank line, so ... > connections - if I connect out from the not-working computer to somewhere ...
      (comp.security.ssh)
    • Re: X forwarding from another unix
      ... Yes, USSHD and UX are in the same subnet, and the connections are trusted. ... UX has no ssh server running. ... UX> setenv DISPLAY USSHD:10.0 ...
      (comp.security.ssh)
    • Re: Port Forwarding over Unreliable Connections
      ... > two separate TCP connections when you do port forwarding, ... > local program to ssh, and one from sshd to the remote program (in the ... > other direction for reverse or X11 forwarding of course). ...
      (comp.security.ssh)
    • Re: ssh X11forwarding wont work, please help
      ... and not "exporting the DISPLAY from machine 2 to machine 1"? ... ssh has decided not to do X forwarding. ... You've decided not to use ssh X forwarding, ... connections (though if there's no error message saying that the ...
      (comp.os.linux.x)
    • Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --
      ... reduction of brute force login attempts via SSH through iptables --hashlimit ... out why my first attempts at using the hashlimit functionality in iptables ... against legitimate SSH connections, unless someone spoofs a very large ...
      (Full-Disclosure)