Re: What does "X11UseLocalhost no" do?

"Richard E. Silverman" <res@xxxxxxxx> writes:

"RY" == Randy Yates <yates@xxxxxxxx> writes:

RY> I found that I can't ssh (with X11 port forwarding) from my home
RY> FC4/linux box to a bsd machine, run xclients on the bsd machine,
RY> and have them X display back to my home machine without specifying
RY> the "X11UseLocalhost no" option in the /etc/ssh/sshd_config file.

RY> I don't understand what the manpage says about this option. Can
RY> someone please explain?

When doing X forwarding, sshd listens on a TCP socket for connections from
X clients. Normally, it will accept connections addressed to the loopback
address only (127.0.0.1), restricting it to clients on the local host.
X11UseLocalhost no means it will accept connections from anywhere.

Thank you for this explanation, Richard. However, I'm afraid I still
don't quite understand.

Since I am constantly getting confused over who's the "source" and
who's the "destination" allow me to establish the following convention.
If an "entity" resides on a source I'll use the suffice ".src" and
likewise ".dst" for the destination.

So in this scenario I'm running the ssh.src client on host.src and
connecting to the sshd.dst server running on host.dst, and I had
established the option "X11UseLocalhost no" in the sshd_config.dst
file. I am then attempting to run X11 clients on host.dst.

In that scenario I *was* running xclients on the local host, i.e., on
host.dst. The DISPLAY.dst variable was set to localhost:10.0 and
127.0.0.1:10.0 and in both cases X client connections were refused
when the X11UseLocalhost yes option was set in sshd_config.dst.

However, host.dst is the host at my ISP where he runs "virtual
machines" under bsd. Could it be that this virtual machine is
causing the problem?
--
% Randy Yates % "Remember the good old 1980's, when
%% Fuquay-Varina, NC % things were so uncomplicated?"
%%% 919-577-9882 % 'Ticket To The Moon'
%%%% <yates@xxxxxxxx> % *Time*, Electric Light Orchestra
http://home.earthlink.net/~yatescr
.

Relevant Pages

  • Re: What does "X11UseLocalhost no" do?
    ... RY> I found that I can't ssh (with X11 port forwarding) from my home ... RY> FC4/linux box to a bsd machine, run xclients on the bsd machine, ... sshd listens on a TCP socket for connections from ... restricting it to clients on the local host. ...
    (comp.security.ssh)
  • sockets, closing and TIME_WAIT
    ... During heavy load the server can't follow anymore because the sockets ... my server should be able to handle 10 clients connecting ... This gets a free position in the array of connections, ...
    (comp.unix.programmer)
  • Re: MsgCommunicator v.2.00: Instant Messenger SDK, now with databases support
    ... expect persistent connections. ... they will wait for the server to pick them up. ... your Clients can stay "off-line" for about 30 minutes before they have to ... requests *simultaneously*. ...
    (borland.public.delphi.thirdpartytools.general)
  • Re: Accepting external sendmail on 2.0.2
    ... > on a network node capable of doing graphics, ... I really like running remote clients on a local server, ... that these listeners are not accepting external connections by default, ... viusing a MTA for sending email about lost files to local ...
    (comp.unix.bsd.netbsd.misc)
  • Re: Asynchronous Sockets and the I/O Completion Port Model
    ... > I'm looking to build a TCP based service that will listen for connections ... > It will handle XML messages that are sent by connected clients, ... and point out that the .NET Socket class when used on NT-based ...
    (microsoft.public.dotnet.languages.csharp)