Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
04-10-2003, 05:20 PM
|
#1
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Rep:
|
Xwindows over SSH
Could someone give me a brief how-to on setting up an xwindow emulator for win98 on my machine at work and having it connect remotely to my linux box at home? I want to be able to perform some basic tasks on my linux box from home that require a GUI. Do you have any suggestions of some freeware/shareware emulators? Thanks a bunch.
|
|
|
04-10-2003, 05:26 PM
|
#2
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
VNC. It runs on Windows, Linux, Solaris, Mac. Start a VNC server with an X desktop on your Linux box, connect to it with the Windows client. You will need to use SSH redirection, if that is the only service that is running on the Linux box, or you can free up port 5901 (desktop 1), 5902 (desktop 2), etc, on the Linux machine firewall. The desktop stays until shutdown on the server, so you can disconnect/reconnect as many times as desired.
Added through edit after posting: VNC is included with Redhat 8.0, it is likely installed. You can run the server on your Linux system, and use the client on the same machine to play/learn as you go. (i.e. server and client on the same machine, VNC doesn't care). Check /usr/share/dov/vnc...
RO.
http://www.uk.research.att.com/vnc/
Last edited by RolledOat; 04-10-2003 at 05:28 PM.
|
|
|
04-11-2003, 02:12 PM
|
#3
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
SSH redirection? :/
You mean port forwarding in SSH? If so, explain it anyway, cuz I don't really understand that either. ;p
Thanks.
|
|
|
04-11-2003, 03:49 PM
|
#4
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
When you SSH into a machine, you can redirect any existing data stream over the SSH connection to another port. From the man page, '
X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel
What it means, is you SSH into a machine, 'grab' an X stream and redirect it through the SSH to the local machine. It has the perk of being both encrypted and compressed.
Example
spawn ssh -L 5902:<IP Address of Remote Machine>:5901 <IP Addres
s of Remote Machine> -l <username> -F ~/<username>/.ssh/s
sh_config
This will take the output of port 5901 (The VNC Server desktop #1 on the remote machine) and redirect it through the SSH pipe to the local machine into port #5902. I then use VNC Client to connect to 5902, which is the redirected desktop running on the server. (i.e. it looks to the client that I am connecting to a Local VNC session). The data is enrypted and compressed.
RO
|
|
|
04-11-2003, 08:06 PM
|
#5
|
Member
Registered: May 2001
Posts: 125
Rep:
|
first of all, there is a much easier way to do this other than vnc (in my opinion) vnc is insecure, unless you forward over ssh ports. for that matter, its easier to just use ssh over x.
first, you need a x server and ssh client on windows, i recommend that you use cygwin. its a free linux emulation built on windows. it works great as a free ssh client and x server.
you can get it here http://www.cygwin.com/.
when you install it make sure you install the ssh client and xfree86 server.
then, you need to make sure that you have x forwarding enabled on the server, i am not sure if it is by default.
lastlyl, start cygwin, then run startx. then run ssh -X host. the -X option forward x on the client side. then run your usual programs, you can even do startkde for a desktop.
|
|
|
04-11-2003, 09:38 PM
|
#6
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
Both of you confused me a bit.
I only have a SSH server running on the Linux box right now. The router has only port 22 forwarded to the Linux box.
I am trying to connect to an xserver (which I will install) on the Linux box through SSH (and thus, port 22) from my windows computer at work. Thus, I need to know 3 things (I think):
1) What server should I use, and where can I get it?
2) What client should I use, and where can I get it?
3) How do I tunnel the connection through SSH?
I think you've both answered 1 and 2 (with varying answers, but that's a good thing). Number 3 I need answered in really simple terms. I didn't at all understand that command you typed out, RO. I have no idea what "spawn ssh" would do, lol. I just have the SSH server started in the rc.local startup file and then I don't even bother with it. Tyler, what is xfree86, and how difficult is it to enable x forwarding?
You two are dealing with a complete newbie here.
|
|
|
04-12-2003, 11:55 PM
|
#7
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
Alright, in it's most basic form, and since you only have SSH, then SSH redirection of VNC will work.
1) Install VNC client on your windows machine.
2) Start a VNC Server session on your linux box, use the links I posted above, the web page is easy to follow, tells you exactly what to do. REMEMBER the PASSWORD it asks you for, that is the password forever.
3) Assuming the IP of your Linux machine is 20.30.40.50, from your windows box
ssh -L 5902:20.30.40.50:5901 20.30.40.50
4) Log in normally
5) Assuming the IP address of the Windows machine is 25.35.45.55, Start the VNC client on your windows machine, when it askes for an address supply exactly
25.35.45.55:5902
ENTER the PASSWORD remebered from above.
RO
Last edited by RolledOat; 04-12-2003 at 11:58 PM.
|
|
|
04-13-2003, 01:54 AM
|
#8
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
So, the following command that you provided:
ssh -L 5902:20.30.40.50:5901 20.30.40.50
redirects the local port 5902 (local to Windows machine, that is) through the SSH tunnel and to the remote port 5901 (on the Linux box). And thus, when you provide 25.35.45.55:5902 as the address to login to, you are actually connecting to 20.30.40.50:5901, except through the SSH tunnel?
|
|
|
04-13-2003, 11:53 AM
|
#9
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
You got the idea correct, but the link is bi-directional. I think you have it down though. For others who might see this post, The command would read like
connect with SSH to 20.30.40.50 and redirect port 5901 on the remote machine to 5902 OVER the ssh pipe to the local machine. So what happens is port 5901 (The output of the VNC server) on the remote machine is forwarded to port 5902 on the local windows machine, then the local machine's VNC client can 'listen' to port 5902. (Note VNC uses ports 5901, 5902, etc). The redirection of ANY port on a remote machine to the local machine over SSH can be ANY port. You could therefore, if you wanted to, have XMMS play to a port, and use SSH to redirect the output over the SSH link and listen to it locally. Your second line is perfect, when you connect to 25.35.45.55:5902 you ARE actually connecting to 20.30.40.50:5901. The link is bi-directional though, and I wanted to make sure that was clear, so whatever is sent to remote:5901 shows up on local:5902 and whatever is sent to local:5902 shows up at remote:5901
RO
If the above is what you said in a different way (SSH redirection is never easy to describe ) then you are set.
|
|
|
04-14-2003, 07:52 PM
|
#10
|
Member
Registered: Apr 2003
Posts: 52
Rep:
|
Please, could anybody tell me another way to make the ssh tunnel in the same box?
Mandrake 9.1 has not command `spawn' though it has man spawn ¿?
I would like to try vnc server and client on the same box.
Thanks in advance for the info.
|
|
|
04-15-2003, 01:10 PM
|
#11
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
I apologize for not editing my first post. Drop the spawn. That is part of my automated script to start multiple VNC connects to multiple machines. The origional command should be
ssh -L 5902:<IP Address of Remote Machine>:5901 <IP Addres
s of Remote Machine> -l <username> -F ~/<username>/.ssh/s
sh_config
The simplified command,
ssh - L 5902:<local machine IP>:5901 <IP of local machine>
should offer direction over SSH inside the same box, then you connect to localhost:2 as the desktop.
Can I ask why you want to tunnel over SSH inside the same box? There is no requirement to use SSH. You can just directly start a server and connect to the same session in the same box. I do that a lot because several APPs require 8 bit color, so need the 8 bit env of a VNC desktop
RO
|
|
|
04-15-2003, 01:37 PM
|
#12
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
So, you could forward your SMB (server message block) ports through SSH and thus have a psuedo-VPN set up? I've tried this before, but to no avail. I wasn't able to do what I needed, but I could have made a mistake along the way.
The port forwarding only needs to be set up on the client side, correct? The SSH server on the Linux box will automatically recognize that the packets sent through the SSH tunnel on port 22 are actually destined for the SMB ports? (after they are unwrapped and decrypted, of course)
|
|
|
04-15-2003, 01:45 PM
|
#13
|
Member
Registered: Feb 2003
Location: San Antonio
Distribution: Suse 9.0 Professional
Posts: 843
Rep:
|
Quote:
Originally posted by gauge73
The port forwarding only needs to be set up on the client side, correct? The SSH server on the Linux box will automatically recognize that the packets sent through the SSH tunnel on port 22 are actually destined for the SMB ports? (after they are unwrapped and decrypted, of course)
|
Correct. What you specify, and send to the server from the client side is the port address that it should sent TO on the local machine, and what port to redirect from, on the server machine. In the examples above, the client tells the server, take all output of 5901 on your side, push it through the SSH pipe to me (client) and I will push it out to port 5902 for whomever wants to 'listen' to it.
RO
|
|
|
04-15-2003, 02:27 PM
|
#14
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
Alright, I'm at work on a Win98 machine. I connected to my Linux box at home using SSH (port 22). Then I went into the Tunneling properties in the SSH client and set up two tunnels. Under "Incoming" I set the following:
Listen port: 139
Destination host: (my home router's DNS name)
Destination port: 139
Then, under "outgoing", I put the following tunnel:
Listen port: 139
Destination host: localhost
Destination port: 139
Then, I kept the client open and tried entering the following into Start->Run:
\\127.0.0.1
But to no avail. Can you tell me what I'm doing wrong? :/
|
|
|
04-15-2003, 02:53 PM
|
#15
|
Member
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420
Original Poster
Rep:
|
I just tried logging into the SSH server and when doing so, I got an error saying "Failed to create incoming tunnel." I looked at some help pages and it said the three most common causes for this were:
1) There is already a tunnel with the same name set up
2) There is another user already tunneling the desired port
3) You cannot open public ports through tunneling unless you are logged in as root.
I know that my two tunnels have different names. There are no other users of my server except me. I was logging in as my normal username initially, but after reading #3, I tried root and got the same error.
Any suggestions?
Last edited by gauge73; 04-15-2003 at 03:00 PM.
|
|
|
All times are GMT -5. The time now is 10:13 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|