Nope; it doesn't "just work". Of course, maybe if I gave a better picture of the situation.....
Trying to connect to a machine (Rizzo) which is outside the firewall. SSH is running, and the sshd_config is set to allow Xforwarding. I just set it, and even rebooted the sshd demon to make sure it picked it up. Firewall allows the port 22 connection out. I am running on the desktop a (I know!) Windows NT box with Exceed as my X server; I use PuTTY to get out. Login to the box via SSH is fine. Environment shows the SSH client and the "remote host" but both point to the Firewall (of course; it's doing NAT). So, I try to do an Xload; nada, I get the standard "Error: Can't open display:" message which tells me I need to set the display environment variable. Of course, since I'm NATing, and don't control the firewall, I can't put any rules to allow me through... so I need to tunnel through the SSH pipe. I need to monitor those machines; they're outside the firewall, but they're my responsibility. To top it off, they're located slightly offsite; I have to go to another part of the building entirely to get to them. I've already got to go ask one of our folks to reset the rules on the adaptive firewall (my first machine connected back wrong; it got chained out because of trying to connect to the firewall, an "attack"). So, how do I the X Windows through the SSH pipe? > -----Original Message----- > From: David Talkington [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 12, 2002 3:52 PM > To: Redhat-List (E-mail) > Subject: Re: Tunnelling X through ssh > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Ward William E DLDN wrote: > > >Anyone know how to tunnel X through SSH? > > > >I want to setup a secure ssh connection and display > >my X results back on the original; I have a firewall > >that blocks everything except port 22, so I need to > >tunnel on the connection proper. Any clues, short > >of a VPN? > > You don't have to do anything special at all, as long as X > forwarding is > enabled on both client and server (ssh_config, sshd_config), > and there's > an X server running on the client end. > > It "just works". > > - -d > > > - -- > David Talkington > > PGP key: http://www.prairienet.org/~dtalk/0xCA4C11AD.pgp > > -----BEGIN PGP SIGNATURE----- > Version: PGP 6.5.8 > Comment: Made with pgp4pine 1.75-6 > > iQA/AwUBPLc6yr9BpdPKTBGtEQIBGACgt+aG7VikaxAaAOU+BuhihNFbiywAn0Dc > IG6WmeF/0kiST6lZEsRtWpm2 > =05F0 > -----END PGP SIGNATURE----- > > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list > _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
