RE: X thro ssh

STYMA, ROBERT E (ROBERT) wrote: >> >> Hi fellow admins, >> >> I posted to this fedora.desktop and was redirected. >> >> I have a peculiar requirement. We have two offices. People from second >> office(say #2) want to connect to the server in first >> office(say #1). They >> want to run the GUI applications in the office #1 server from >> office #2. >> >> I tried to do this with VNC server and it works fine. But VNC >> is goes thro >> unencrypted(open) connection. Is there a way to do this in a secured >> way(read that xdmcp is not possible as it uses UDP). >> >> Inside our network(LAN) if connect from one system to other >> thro ssh and >> start an gui application that application shows up in the client. This >> doesn't happen when i connect to server and start gui >> apps(says display not >> set). iptables runs in the server. Do i have to open any port >> for that? >> >> Any help or pointer in this regard is appreciated. >> > You can use port forwarding within SSH to accomplish this > task with VNC. In a nutshell, you port forward some port near 5900 > (the vnc port) on the local machine to port 5900 on the machine > running the vnc server. This is done in your ~/.ssh/config file. > For example: > LocalForward 5925 192.168.0.5:5900 > > You then run: > vncclient localhost:25 > and it will connect through the secure tunnel to port 5900 on the > target machine. In the example 192.168.0.5 > > For X, the task is even easier. Run: > ssh -X -Y remote_machine.my.domain > (where remote_machine.my.domain is the other machine) > and X will be forwarded back to the local machine. > If this does not work, check the /etc/ssh/sshd_config to > make sure X11 tunnelling is allowed. (search for X11 in the file). > > Bob Styma > Thanks For the help Bob. Let me put on what i did from first. In the beginning(before posting here) i took two systems(rose & glob) to test how this works. Both are FC4 systems and the default(X11Forward yes in sshd_config) is unchanged. I connect from rose to glob thro ssh(ssh rose.mydomain.com) and say xclock the app shows up in rose. But when i connect from glob to rose thro ssh(ssh glob.mydomain.com) and say xclock it wont work. This is annoying. Any idea where i am going wrong. As both are inside lan there is no firewall in them. i can connect in text mode from each other. I am going to try what you said in a short while and post the results here. Thanks Again, regds, SK