Re: Remote X-term
Carey Evans <c.evans@clear.net.nz> wrote:
> Tim Thomson <tim.thomson@softhome.net> writes:
>
> > Found it: type "xhost remote.addr" on the local machine before telneting
> > to it.
>
> This means *any* user on that machine can use your machine to do
> things like snooping on passwords you type or sending "M-! rm -rf ."
> to your Emacs.
>
> Something I used to use at University was like:
>
> xauth nextract - $HOSTDISPLAY | rsh -l misc2374 cantua \
> "xauth remove $HOSTDISPLAY; xauth nmerge -" &
>
> It was actually a bit more complicated because of disagreeing NIS and
> DNS setups on the X terminals and cantua. The "xauth remove" bit
> might be unnecessary on new versions of X too.
>
> > I can't try it cause I'm behind a IP-MASK'ed firewall. Got to work out how
> > to forward X-win stuff. What port is it on?
>
> It's on port 6000. (Try "DISPLAY=localhost:0 xeyes & sleep 1; netstat -t").
>
> The "redir" program could work as well, to forward port 6000 on the
> firewall to port 6000 on the real machine.
Try something like:
xterm -e ssh -l username remotehostname
X has problems with masquerading because the remote end initiates
the port connection. If you use redir to redirect the port, you can
only support X on one machine inside the firewall. With ssh, ssh
initiates the encrypted connection and all responses come back over this
connection. ssh pulls out the X info and displays it locally. No port
problems. Also no authorization problems, because you already have
permission to use the local display with your own programs.
Thanks everyone who recommended ssh in the past.
--
Lee Bradshaw lee.bradshaw@mindspring.com (preferred)
Next Level Communications bradshaw@nlc.com
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: