Giancarlo Razzolini <[email protected]> wrote: > Em 03-06-2014 18:45, Predrag Punosevac escreveu: > > I am trying to configure our OpenBSD shell gateway as a proxy for X2Go > > clients. Obviously by default port forwarding on privileged ports as > > well as X11 forwarding is disabled. I read through man pages for > > sshd_config but I am still not clear how should I edit them to enable > > that a regular can use their LDAP account to log into shell gateway > > which will proxy ssh connection to one of internal computing nodes. > > The idea is to let people use X2Go clients with shell gateway as a > > proxy to log into internal computing nodes and being able to run > > MATLAB with GUI. > > > > Predrag > > > Your e-mail was a little confusing. Since x2go runs on top of ssh > itself, and OpenBSD do not have a port of it, I'm presuming you have a > x2go server running linux, behind your internet exposed OpenBSD gateway.
Correct! X2Go servers (30 of them) run on Linux computing nodes which are accessible only via OpenBSD ssh gateway. > Your life might be a lot easier if your clients login directly to your > x2go server. All you need is to do is use pf and rdr your clients to the > internal machine. If you have more than one x2go server, you might want > to take a look at the relayd(8) daemon. It has functionality for doing > ssh forwarding, with failover and round-robin capabilities. > I am going to answer my own question. I have not been able to use OpenBSD shell gateway as a proxy from the X2Go client probably due to the fact that only root can do forwarding on privilaged ports. However combining ssh -L 8080:x2goserver.int.mydomain.org:22 shell.mydomain.org With editing /etc/ssh/sshd_config GSSAPIAuthentication yes AllowAgentForwarding yes AllowTcpForwarding yes X11Forwarding yes And pointing x2go client on my local machine to localhost:8080 I had no problem running MATLAB on the remote computing node and having it GUI displayed locally on my desktop. Cheers, Predrag
