Defcon-1-Logo

           [Home]    [FBSD Articles]    [Scripts Corner]    [Contribute]    [Search]    [FBSD Links]    [Files]

About Us

FreeBSD Articles
  *Hardware
  *Networking
  *Security
  *Software
  *X Windows


Files / Scripts
Newbies Corner
Tech. Talk
Tips and Tricks


FreeBSD Links

Articles in other
Languages :
  *French Articles
  *Spanish Articles

Want to Help ?
 
   Click Here

Email Users 5

Search:
 

 


FreeBSD Search:


 

 

Powered-By-Apache-Logo

Defcon1 Logo


Using SSH For Your Remote X11 Applications

Note: Was tested (and passed!)in both 3.3.6 and 4.01_3 ver. of XFree86

The true power of BSD lies in networking. At some point in time, you may need to access a remote machine. For administration, you'll probably need a client to access the machine. SSH is the choice of many for this usage. It's more secure than telnet because it uses encryption and cannot be "sniffed", or intercepted, like the telnet application can be.

From the ssh manpage, we can find a clear description of what ssh is:

DESCRIPTION

ssh (Secure Shell) is a program for logging into a remote machine and for

executing commands on a remote machine. It is intended to replace rlogin

and rsh, and provide secure encrypted communications between two untrust-

ed hosts over an insecure network. X11 connections and arbitrary TCP/IP

ports can also be forwarded over the secure channel.

The description mentions using it for X11 connections. For one reason or another, you might want to run X11 applications on a machine that has it already installed. Maybe you want to keep your personal info on a machine behind another which has a direct link to the internet.

As of FreeBSD 4.0, Open SSH comes bundled with the rest of the OS without having to go searching for an SSH client or daemon.

Assuming you have administrative privledges on both the local and remote machines, or know someone who does and is willing to set it up for you, it is possible to run a graphical application on your local desktop, which is actually installed on the remote machine. All you need is an X server running locally and an sshd configured properly on the server side. Your /etc/ssh/sshd_config file has several different features you can use, but only the ones pertinent to this task will be discussed. On the server side, make sure your sshd_config has the following:

X11Forwarding yes

I also commented out the offset because of strange errors I was getting. Things seem to be working normally now. It should look like this:

 

#X11DisplayOffset 10

Keep in mind that the other lines still apply. We're just making sure these are set for *THIS* use.

Now you can restart your ssh daemon by doing:

killall -HUP sshd

This will/should restart the ssh daemon and make your changes to the sshd_config take effect.

Since most of my work remote is on a command line, we can use the -X flag so that ssh will/should automatically forward X11 data.

ssh -X <host>

It will prompt you for your login and password, which should be done as it would normally. Upon successfully lofgging into the remote machine, you can start any graphical apps you need to run from the command line.

kashmir% xchat &

[2] 20052

kashmir%

Being on one of the other machines here, zoso, I see the app run from kashmir running on this machine's desktop interface. Keep in mind that this may not be desirable for slow or busy networks, but it is simple to setup and functional when necessary. Using a 10/100 switch here with 100M network cards make this an acceptable fix until I decide whether or not I want to setup natd on the outside machine. Enjoy!

-christopher.holden@sbt.siemens.com

 

Email Us

ghostrdr@defcon1.org

This site cannot be duplicated without permission

© 1998 - 2010 Defcon1, www.defcon1.org. Copyrights for all materials on this web site are held by the individual authors, artists, photographers or creators. Materials may not be reproduced or otherwise distributed without permission of www.defcon1.org and the content's original author.