Saravana Kumar wrote:
STYMA, ROBERT E (ROBERT) wrote:
Hi fellow admins,
I posted to this fedora.desktop and was redirected.
I have a peculiar requirement. We have two offices. People from second office(say #2) want to connect to the server in first office(say #1). They want to run the GUI applications in the office #1 server from office #2.
I tried to do this with VNC server and it works fine. But VNC is goes thro unencrypted(open) connection. Is there a way to do this in a secured way(read that xdmcp is not possible as it uses UDP).
Inside our network(LAN) if connect from one system to other thro ssh and start an gui application that application shows up in the client. This doesn't happen when i connect to server and start gui apps(says display not set). iptables runs in the server. Do i have to open any port for that?
Any help or pointer in this regard is appreciated.
You can use port forwarding within SSH to accomplish this task with VNC. In a nutshell, you port forward some port near 5900 (the vnc port) on the local machine to port 5900 on the machine running the vnc server. This is done in your ~/.ssh/config file. For example: LocalForward 5925 192.168.0.5:5900
You then run: vncclient localhost:25 and it will connect through the secure tunnel to port 5900 on the target machine. In the example 192.168.0.5
For X, the task is even easier. Run: ssh -X -Y remote_machine.my.domain (where remote_machine.my.domain is the other machine) and X will be forwarded back to the local machine. If this does not work, check the /etc/ssh/sshd_config to make sure X11 tunnelling is allowed. (search for X11 in the file).
Bob Styma
Thanks For the help Bob.
Let me put on what i did from first.
In the beginning(before posting here) i took two systems(rose & glob) to test how this works. Both are FC4 systems and the default(X11Forward yes in sshd_config) is unchanged. I connect from rose to glob thro ssh(ssh rose.mydomain.com) and say xclock the app shows up in rose. But when i connect from glob to rose thro ssh(ssh glob.mydomain.com) and say xclock it wont work. This is annoying. Any idea where i am going wrong. As both are inside lan there is no firewall in them. i can connect in text mode from each other.
I am going to try what you said in a short while and post the results here.
Thanks Again,
regds, SK
Sorry in glob ForwardX11 yes was not enabled in the ssh_config. Now everything works fine from both systems. And hey it works without specifying -X, -Y options.
Just to add up in both machines vncserver is not running.
regds, SK