LinuxQuestions.org


Syncrm 01-31-2003 09:56 AM

VNC and SSH Tunnel
 
hello all,
this question has been asked before, but after doing numerous searches here and on google i'm still coming up short on an answer.

i'd like to establish a vnc connection in order to run some X applications (file sharing agents). i'm connecting from within an internal network (10.x.x.x) to my network, which runs a firewall (IP MASQ) and forwards ports to specified machines. my workstation in the office is a winxp system (putty ssh client), and i'm attempting to connect to a slack8.1 box. btw, this all needs to be done remotely, as my network is some 3 hours away and i only go back there once every 10 days.

thus far, what i've done is this:
connect with putty. specified port 5901 in the ssh tunnel source, and my.network.com:5955 as the destination.
got the vnc binaries, and started vncserver (i've started it with and without X running in the background).
started up the windows vncviewer binary, and attempted to connect to "localhost:1".

i've tried different variations... but this seems the most promising. when i attempt to connect with the configuration above, the vncviewer process on my windows system hangs up and the process will eventually die.

so at this point i'm rather confused and stuck. i'd appreciate any advice offered. :-)

rockdw 01-31-2003 10:03 AM

Try localhost:5901 - to reference the ssh tunnel, you need to use the whole port value, not just the display value. Another tack you could take with this is using cygwin's port of ssh and XFree86 and do it via X11Forwarding, rather than using VNC.

Syncrm 01-31-2003 01:51 PM

thanx. i decided to try the cygwin approach, as it seemed to be a little more of what i was looking for.

i got cygwin installed on my workstation, and can open up xterm to ssh into my network at home. i have enabled x11 forwarding in my /etc/ssh/sshd_config file. however, i still can't open up x applications from my home network.

is there something i'm missing?

nxny 01-31-2003 02:24 PM

What you have done is authorize X Forwarding on the server side.

You will have to edit the client conf file ssh_config ( on the cygwin side ) or use ssh -X -l<you> <yourserver> for it to work.

Syncrm 01-31-2003 02:49 PM

i've done that... however, when i log into my network, using:

ssh -X -l root blah.com

i get the following error after i authenticate:

Warning: No xauth data; using fake authentication data for X11 forwarding.

ideas? :-)

rockdw 01-31-2003 03:07 PM

That's just a warning. It comes up because the cygwin environment doesn't have a true xauth setup. The X11 Forwarding will still work. Have you tried running any X apps anyway?

Also, make sure you are actually using an X server so it has somewhere to display to. you should be running /usr/X11R6/bin/startxwin.sh or startxwin.bat to accomplish that.

One more thing, those scripts just run XWin.exe with a couple other items. try changing the XWin.exe line to include the -rootless option. It will start the X server without the root window. I guarantee you will think it's REALLY cool ;-)

Syncrm 01-31-2003 03:23 PM

unfortunately, it's still not working. i had tried to start an x app (like emacs) but without any success.

i was executing the .bat file:

:STARTUP


REM
REM Startup the programs
REM

REM Startup the X Server.

start XWin -rootless

REM Startup an xterm, using bash as the shell.
run xterm -sl 1000 -sb -rightbar -ms red -fg yellow -bg black -e /usr/bin/bash

REM Startup the twm window manager.

run twm

REM Set a background color.

run xsetroot -solid aquamarine4



should or shouldn't i have X running on the machine before i ssh into it from cygwin? login would suggest i not have it running, but you never know.

and you're right, i really do like the -rootless option much better. much easier to work with. :-)

nxny 01-31-2003 03:38 PM

Quote:

Originally posted by Syncrm
i've done that... however, when i log into my network, using:

ssh -X -l root blah.com

i get the following error after i authenticate:

Warning: No xauth data; using fake authentication data for X11 forwarding.

ideas? :-)

First of all, you should NEVER allow a direct remote login as root. The first thing would be to disable root login on the server side by saying PermitRootLogin no. You should also stick to pubkeyauth and disable passwd auth if you haven't already done so. Login as a regular user and 'su -' whenever you want to become root. It may also cause problems if you login as root, since root's Xauthority data is usually not stored in ~/.Xauthority.

You should have an X server running on the ssh client side before you attempt running an x client program on the ssh server side. Have a look at the following URL for the underlying concepts.
http://www.manualy.sk/seminar/Papers96/ssh/x11.html
http://csociety.ecn.purdue.edu/~sigo...sh/forwarding/
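
[Added example, not part of the original thread.] The server-side settings named in the post above (PermitRootLogin no, key-based instead of password authentication) and the X11Forwarding switch this thread depends on can be checked mechanically. The function names and the sample file below are constructed for illustration, and the script assumes whitespace-separated "Keyword value" lines.

```shell
#!/bin/sh
# Audit the global section of an sshd_config for the settings discussed here.
# sshd uses the FIRST value it reads for each keyword, keywords are
# case-insensitive, and lines inside a Match block are conditional, so only
# lines before the first Match are considered.

# effective_value FILE KEYWORD -> prints the effective global value or "unset"
effective_value() {
    kw=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    awk -v want="$kw" '
        /^[ \t]*#/ { next }                      # skip comment lines
        tolower($1) == "match" { exit }          # global section ends here
        tolower($1) == want && NF >= 2 { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# expect FILE KEYWORD WANTED -> prints a finding and returns 1 on mismatch
expect() {
    got=$(effective_value "$1" "$2")
    [ "$got" = "$3" ] && return 0
    printf 'FINDING %s: want "%s", effective "%s"\n' "$2" "$3" "$got"
    return 1
}

# audit_sshd FILE -> prints findings, returns how many there were
audit_sshd() {
    n=0
    expect "$1" PermitRootLogin no        || n=$((n + 1))
    expect "$1" PasswordAuthentication no || n=$((n + 1))
    expect "$1" PubkeyAuthentication yes  || n=$((n + 1))
    expect "$1" X11Forwarding yes         || n=$((n + 1))  # needed for ssh -X
    return "$n"
}

# Constructed sample config (not taken from the thread).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
Port 22
permitrootlogin yes
X11Forwarding yes
#PasswordAuthentication no
PermitRootLogin no
Match User backup
    PubkeyAuthentication yes
EOF

audit_sshd "$SAMPLE"; echo "findings: $?"
```

In the sample, the later "PermitRootLogin no" has no effect because the earlier "yes" wins, and settings left unset are reported so the result does not depend on compiled-in defaults.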

Syncrm 01-31-2003 04:05 PM

yeah, i've heard the whole "never log in as root" argument a hundred times. i'm very paranoid about security, but am also very confident in my network security. port 22 forwards to a "gateway" box which doesn't have any sensitive information. any servers which do have info on them i want to protect use separate passwds. i'm not a newbie to *nix systems by any means, but most everything i do is from console or ssh. i'm just interested in this so i can use X applications like file sharing agents which don't really exist for console.

anyway, onward with the problem. i created a normal user and ssh'ed in as that user. when i attempted to type "xhost +" it would not work. same with xterm or any other x app.

rockdw 01-31-2003 04:10 PM

After running startxwin.bat, you should be getting an xterm. Try running ssh -v -X user@machine (user@ is an alternate for -l user)
This will run ssh in verbose mode and will give you a LOT more information about what is going on. If it's not obvious what is wrong at that point, post the results for the rest of us to look at it.

nxny 01-31-2003 04:39 PM

Quote:

Originally posted by Syncrm
yeah, i've heard the whole "never log in as root" argument a hundred times. i'm very paranoid about security, but am also very confident in my network security. port 22 forwards to a "gateway" box which doesn't have any sensitive information. any servers which do have info on them i want to protect use separate passwds. i'm not a newbie to *nix systems by any means, but most everything i do is from console or ssh. i'm just interested in this so i can use X applications like file sharing agents which don't really exist for console.

anyway, onward with the problem. i created a normal user and ssh'ed in as that user. when i attempted to type "xhost +" it would not work. same with xterm or any other x app.

Well, I told you because I'm paranoid about security issues too. If you are an experienced *nix user, you may understand that there is no such thing as absolute network security apart from physical disconnection to the network. And the possibility of a direct root login is something that every script kiddie out there would consider a golden opportunity. The odds that they can spawn a root shell somehow are so much higher than otherwise. And a million network admins would swear by it. Your call.

After you logon as the normal ssh user with X forwarding enabled, type xauth list at the prompt. And post what the DISPLAY env variable holds.

Try a simple xclient such as xeyes. And post the literal error message. Like rockdw suggested, increasing the verbosity of the ssh connection will also help if something isn't right.

Syncrm 02-01-2003 10:50 AM

Quote:

Originally posted by nxny
Well, I told you because I'm paranoid about security issues too. If you are an experienced *nix user, you may understand that there is no such thing as absolute network security apart from physical disconnection to the network. And the possibility of a direct root login is something that every script kiddie out there would consider a golden opportunity. The odds that they can spawn a root shell somehow are so much higher than otherwise. And a million network admins would swear by it. Your call.

well, you said it yourself... i'm not worried at all about script kiddies. the fact is that the best security is good password management, tight firewalling (i only allow ssh connections from trusted hosts), and minimizing your services which send plain text passwords across open networks (ftp, imap, pop3, apache auth w/o ssl). though i appreciate the advice, it's something i've heard a thousand times. in fact, many of the people who gave me the advice have since been hacked. :-)

anyway, back to the problem. :-) i decided to take one variable out of the equation and booted my laptop into slack so i could have a true x11 running. i logged into my network from aterm like so:

ssh -X -v -l jeff my.network.com

and this was the most interesting portion of the messages:

jeff@my.network.com's password:
debug1: ssh-userauth2 successful: method password
debug1: channel 0: new [client-session]
debug1: channel_new: 0
debug1: send channel open 0
debug1: Entering interactive session.
debug1: client_init id 0 arg 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: channel request 0: shell
debug1: channel 0: open confirm rwindow 0 rmax 16384

this was the output of xauth (before cmd prompt):

Using authority file /home/jeff/.Xauthority

but .Xauthority is an empty file. my DISPLAY variable is still "" . and when i attempt to start up some sort of X app, i get this error message:

jeff@aya:~$ xeyes
Error: Can't open display:

so i'd say the problem definitely lies on the server end, since i'm running a real x11 environment now. hmmmmmm

nxny 02-01-2003 04:31 PM

Quote:

Originally posted by Syncrm
, it's something i've heard a thousand times. in fact, many of the people who gave me the advice have since been hacked. :-)

Sorry to hear that you have had to hear it a thousand times and you *still* haven't understood. You've been lucky, because no one really wanted to break into your machine so bad :) Let us leave it at that.

Regarding your problem:

I have ssh-ed from my redhat desktop and even remotely to my Laptop on Slack, running sshd at port 22. And I have configured kernels with make xconfig using X11forwarding. So believe me, if I can do it and you can't, I'm sure it is in the basics somewhere.

Boot up your laptop, logon as jeff. startx.
From within your aterm, do

Code:

xauth list;echo $DISPLAY;echo $XAUTHORITY

and post what you see.

Also make sure that sshd is listening at 22 by running

Code:

netstat -ntla

Now try ssh -X localhost and see if you can run xeyes from within the new shell.

shadowdark 04-06-2003 04:46 PM

I just ran through similar troubles and figured out that I needed to set ForwardX11 yes in my client .ssh/config

Once I did that I was golden.
Hope it helps.


All times are GMT -5.