Re: Tunnel iceweasel?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joost Witteveen wrote:
> On 24/03/2008, Douglas A. Tutty <dtutty@porchlight.ca> wrote:
>> On Mon, Mar 24, 2008 at 11:46:56AM +0100, Joost Witteveen wrote:
>> > On 23/03/2008, Rich Healey <healey.rich@gmail.com> wrote:
>>
>>>> I'm trying to tunnel an iceweasel instance via ssh from one
>> > > of my boxes at my house to remember the name of an add-on i
>> > > installed.
>> > >
>> > > The problem is that i create a ssh session (ssh -XC
>> > > ssh.psychotik.info), login and run iceweasel at the bash
>> > > prompt, which takes forever, but then finally *opens a local
>> > > iceweasel!!!*
>> >
>> > I suppose that iceweasel -P uniqueprofilename would do what you want?
>> >
>> > Also, it's *much* faster use vnc (tunnel through ssh): on the remote
>> > host, start: vnc4server on your localhost, start (and login to) ssh -L
>> > 5900:server:5901 server
>> >
>> > and then on the localhost (different window) vncviewer localhost:5900
>> >
>> > The 5901 portnumer is assuming the vncserver opens a X11 screen on :1.
>> > When I start epiphany diretly over X11, it takes about 30 min to show
>> > a page; when I do it using VNC as above, it takes seconds.
>>
>>
>> I run iceweasel over ssh all the time, however, I don't have it
>> installed locally so there's no local version to run. It may take a few
>> seconds to give the initial window, but then it displays as fast as the
>> box can swap. The network is 100 MB/s ethernet, the box I'm sitting at
>> is a P-II with 64 MB ram, the box I'm sshing into to run iceweasel is an
>> AMD Athlon64 with 1 GB ram. It doesn't even take 30 minutes to show a
>> page when I ssh from my 486 with 32 MB ram so something is wrong there.
>>
>> Why would VNC be faster if both are encrypted?
>>
>
> No, over a 100Mb/s ethernet, running iceweasel over VNC probably
> wouldn't be much faster than directly over ssh (and running over an
> ssh-tunneled VNC connection would of course be slower than straigt
> VNC).
>
> But the OP complained iceweasel was very slow. So I suppose he didn't
> run it over a direct 100Mb/s connection, but over something slower,
> probably with larger ping times, ping times of 10-30 ms are enough to
> make it slow, and with slow, I mean that it can take over 20 min for
> iceweasel to even start showing the home page.
> I notice that when that happens, starting iceweasel on the remote site
> on a VNC X server an watching the output via a VNC viewer is a lot
> faster. And a lot here means just a couple of seconds to show the home
> page, instead of 20 min.
> As the OP reported using ssh, I assumed he didn't want to connect
> unencrypted (somethign VNC as far as I know does), so I suggested
> using an ssh tunnel.
>
>
Hi, the issue here isn't the speed, and besides, i prefer to have it
directly connected to my Xserver, rather than runnign in VNC.
The point here isn't eh startup time though, it's that it starts a local
iceweasel!
In trying to build FF from source on my new 64 bit machine i
accidentally wound up with a ff3 beta, but running that now also opens
iceweasel.
Somehow the binary has managed to associate EVERYTHING with itself.
The real thing that does my head in is when i launch FF on another box..
it still creates a local iceweasel? this should happen AFAIK.. my
starting a command on that box via should not be able to cause commands
to be run on my local?
Does this constitute a security issue? i'll see if i can get a PoC
during the week, even if one couldn't get arbitrary code, one could
still point the new iceweasel on the host machine to a site witha FF
exploit.
Now that i think of it.. it would be simple enough to create a free
shellserver with busybox aliased to a malicious FireFox call in the
system bashrc.. that'd probably do it.
I'll look into it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH6lc4LeTfO4yBSAcRAnPxAJ46dqdpOW+XordEFgS7f2tvt6YrgQCgtzEs
iBkMag0YujDUaYgm3ONQIjQ=
=Ibsy
-----END PGP SIGNATURE-----
Reply to: