[CLUE-Tech] ssh and xwindows
David Anselmi
anselmi at americanisp.net
Fri Dec 26 09:22:34 MST 2003
Jeff Cann wrote:
> Here's a cool, automatic trick that may not be well-known.
>
> If I have my DISPLAY enviromental variable set and my x windows server set to
> accept connections from remote servers (e.g., $ xhost +) when I ssh into
> another server, SSH automatically sets DISPLAY back to the originating host.
[...]
> Here's a simple example. Note that in an insecure environment, you probably
> want to pass arguments to xhost. See the man page for xhost.
>
> $ echo $DISPLAY
> :0.0
>
> $ xhost +
> access control disabled, clients can connect from any host
I don't have a way to check at the moment, but the "xhost +" shouldn't
be required and the X connection should be secure if the client and
server allow X forwarding (and perhaps the X server allows TCP
connections)(see ForwardX11 in the man pages).
The $DISPLAY that ssh sets up on the server is to a local (to the
server) port. The data the server sends there (display for the server's
X application) gets forwarded over the ssh connection (encrypted) to the
client. On the client it is passed to the X server and looks like it is
local to the client.
ssh can do this for TCP connections in general. The X forwarding is the
same thing, with automatic management of $DISPLAY.
Dave
More information about the clue-tech
mailing list