From owner-freebsd-questions Thu Jul 20 15:27:13 2000 Delivered-To: freebsd-questions@freebsd.org Received: from ptavv.es.net (ptavv.es.net [198.128.4.29]) by hub.freebsd.org (Postfix) with ESMTP id DDF8337C193 for ; Thu, 20 Jul 2000 15:27:02 -0700 (PDT) (envelope-from oberman@ptavv.es.net) Received: from ptavv.es.net (localhost [127.0.0.1]) by ptavv.es.net (8.10.1/8.10.1) with ESMTP id e6KMQ5U32437; Thu, 20 Jul 2000 15:26:05 -0700 (PDT) Message-Id: <200007202226.e6KMQ5U32437@ptavv.es.net> To: Gus Mancuso Cc: Kevin Gross , questions@FreeBSD.ORG Subject: Re: Running FreeBSD X applications from a networked WindowsNT In-reply-to: Your message of "Wed, 19 Jul 2000 12:46:36 EDT." <200007191646.MAA01577@smof.fiawol.org> Date: Thu, 20 Jul 2000 15:26:04 -0700 From: "Kevin Oberman" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > From: Gus Mancuso > Date: Wed, 19 Jul 2000 12:46:36 -0400 (EDT) > Sender: owner-freebsd-questions@FreeBSD.ORG > > Hi Kevin. > > If X is already set up on your BSD Box, > just do xhost + NTBOXNAME so that it will allow > X connections from the NT machine. Do keep in mind > that X isn't terribly secure (see the other posts > regarding this.. I'm no security expert). There are no X connections coming from the NT box. It is only a X xserver. xhost is evil and dangerous! Don't ever use it unless you don't mind having your system compromised! (OK. If your REALLY understand how it works, there are exceptions to this, but it is a terrible tool since it leaves the server wide open for tapping and things like remote keystroke recording.) > I've never used X-WinPro, but I've used some other > X servers before, and one of the main problems I found > was that they all want to use rsh, which noone > enables (with good reason, I'm told) anymore. I usually > had to ssh over to the BSD machine, then start whichever > app I wanted to use (possibly setting $DISPLAY to my > machine name... depends on your ssh setup) for example: > > > export $DISPLAY=NTBOX:0.0 > xcalc & > of course, NTBOX must be resolvable by the Unix Box. Once again, this does little except to break the excellent security ssh provides. SSH will tunnel the X connection over the encrypted link if you let it. Resetting the display variable will break this. (I recommend TeraTerm with TTSSH, but there are many of them.) xcalc & (or some other X client) If you examine the value of DISPLAY, it will be pointing to the local Unix box on a display >= 10. For example: myhost.isp.com:10.0 Display 10 is really the ssh server which encrypts the stream, tunnels it to the NT system which decrypts it and passes it to the X server as a local connection. You do need to make sure that X forwarding is enabled in both the ssh client and server. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message