SSH to UNIX, X forwarding... newbie questions
I am able to connect with SSH to a remote UNIX cluster, no matter which method or client I use, they all work. I am having trouble with X forwarding, though.
I am using a router. I use XP on another box and I got everything to work with an SSH client and an X emulator running. I set the port forwarding of the appropriate port in the router to the XP box and then had to use the command: %setenv DISPLAY (my IP address):0.0 to get everything working when I was logged in with SSH. Now I'm trying to do the same thing with the Linux box... I'm not sure what needs to be done. I've searched and found a few threads that have some info, but I may be a little bit too inexperienced to put it all together. A few questions: 1. Do I need anything running locally to display the X stuff? I wouldn't think I would need some kind of X emulator on Linux... maybe I'm wrong. If I need something, what should I get? 2. What port should be forwarded to the Linux box in the router, if any? 3. Do I still need to set environment variables? What syntax do I use? Thanks for any help! |
Hi,
So as to enable X forwarding with ssh you just add the -X option. As for the port forwarding, it should be same config as for XP... port numbers do not (normally) depend on the OS And yes, you still need the env variable, since it the way you specify your remote machine where to print the display... Bye |
Thanks for the reply fr_laz.
I'm still not getting the windows to come up (and getting "Error: Can't open display" messages). The port to forward to the XP box with the X emulator was 6000. I tried forwarding this same port to the Linux box. I used the same setenv command. How can I find out what port Linux is checking for X forwarding and if it is currently ready to receive it? Does 6000 sound like a reasonable number it would be using? Thanks! |
Not sure of you exact situation but lets assume your sitting in front of a Linux box trying to connect to the UNIX box.
The client machine(Linux) must have a X server running, and must have following line in /etc/ssh/ssh_config ForwardX11 yes On the remote machine(UNIX) you must have the following line in /etc/ssh/sshd_config X11Forwarding yes The default on my Gentoo box is: #X11Forwarding no So just had to uncomment, change no to yes then restart sshd. When connecting from the linux box use: ssh -X unixmachine The -X will configure your DISPLAY env var (so do not change it) and now all X traffic will be forwarded through the secure tunnel (default: port 22) so no other ports need to be opened. If you have to open another port the the traffic isn't going through the ssh tunnel which would be the case without the -X from: "man ssh" ---------------- -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. X11 forwarding should be enabled with caution. Users with the ability to bypass file permis- sions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. -x Disables X11 forwarding. -Y Enables trusted X11 forwarding. ----------------- |
Thanks cstiehl. I think I'm getting close...
One possibly very, very stupid question: How do I know if I have an X server running? Is it always running if i'm able to open terminals and GUI and stuff? I tried what I thought was a command to start it and it said: Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. Does that mean it was running? I think it was the same message when I typed "xstart" or "XFree86." Hopefully there is just something I am overlooking here because I think everything else is set correctly. Thanks all! |
Please read the info ssh file.
Quote:
|
Hi,
Quote:
it's possible that you've got to enter the command "xhost +" in command line on your linux machine. This command enables remote client to display on your linux box. The port used by your xserver should be 6000, unless it doesn't has a classical default config which is extremely unlikely. Last point, as said jschiwal, when I use ssh -X, I do not set the environment variable (I know I told you the opposite on my first post, but I didn't think it could be a problem, sorry). Bye |
Look for an alternative to the 'xhost +' command. It is very unsecure and should never be used.
The 'gdm' session manager allows you to log in to sessions on other machines or even to have two sessions running on the same screen (one in a window). However these features may not be enabled by default due to possible security concerns. |
All times are GMT -5. The time now is 10:00 AM. |