Re: Help in understanding XDMCP required
On Sat, Jul 29, 2006 at 08:34:09PM +0100, Alan Chandler wrote:
> In my house, I have two linux machines, both running debian.
>
> One, a server, acts as the firewall /gateway between my internal network and
> the external internet and runs sshd. I have a logon account on this machine.
>
> The other is my workstation, and runs KDM to allow me to logon and run KDE.
>
> I also have a (work provided) laptop running Windows XP, onto which I have
> installed Putty and Gygwin/X.
>
> When this laptop is on my home network, I can run up a remote session into the
> KDM logon using XDMCP, and effectively log into my workstation from the
> laptop.
>
> When I am outside my house, this is not possible directly, because of the
> firewall. I do have an open port, which allows me to SSH (using Putty) from
> my laptop into my logon account on the server, and I do have X-Forwarding
> enabled in the sshd on my server machine.
>
> I have been able, with a second ssh hop onto my workstation from the server
> (also forwarding X) to run individual X based applications so that the
> display is on the laptop, but I can't figure out how to get it to operate so
> the whole desktop gets displayed there. Is it possible? and if so How
Sure it is possible, but probably unwise. Using XDMCP involves having
the X server (on your laptop) asking the asking a display manager (in this
case KDM) on the target host (your home workstation) to open and control the
remote server using the X protocol. So to work the way you were doing
from home would require opening up the xdmcp ports (177) on your router,
and letting the workstation connect to an external X server. If you
were using broadcast XDMCP requests, you will probably have to switch
to using a specific IP, as broadcasts don't generally work except on
a single LAN.
In any case, running raw X packets over the Internet is
is generally insecure, ant not adviseable.
By displaying 'the whole desktop' I assume you mean having the window
manager running on your workstation, with the login environment as
configured there. You can probably do that via ssh with separate scripts to
perform the same environment initialization that you get when
logging in the the worstation using XDM. That would have the advantage
of keeping the traffic encrypted.
You might be able to fool KDM into managing the port forwarded display
after establishing your ssh connection - it depends on the capabilities
of you X server (I am not familiar with Windows apps like Gygwin/X).
It would involve establishing an ssh connection without having a window
manager already in control of your server, and adding the port forwarded
server to your local managed server list, as the XDMCP wouldn't work.
A neater way of being able to do exactly what you do from home would be
to establish a VPN connection from the laptop to your home LAN. It takes
a bit more configuration, but is secure and once done will give you the
same capabilities as when you are at home.
However I am no windows expert, so the only way I have done this when
someone has wanted to be able to use Windows at the remote end was to
use a router with the VPN code built in (in that case, a draytek).
Someone else can probably advise what software only options are available
for a windows platform.
Regards,
DigbyT
--
Digby R. S. Tarvin digbyt(at)digbyt.com
http://www.digbyt.com
Reply to: