Date: Thu, 20 Jul 2000 15:26:04 -0700 From: "Kevin Oberman" <oberman@es.net> To: Gus Mancuso <gus@fiawol.org> Cc: Kevin Gross <kc144@sprynet.com>, questions@FreeBSD.ORG Subject: Re: Running FreeBSD X applications from a networked WindowsNT Message-ID: <200007202226.e6KMQ5U32437@ptavv.es.net> In-Reply-To: Your message of "Wed, 19 Jul 2000 12:46:36 EDT." <200007191646.MAA01577@smof.fiawol.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> From: Gus Mancuso <gus@fiawol.org>
> Date: Wed, 19 Jul 2000 12:46:36 -0400 (EDT)
> Sender: owner-freebsd-questions@FreeBSD.ORG
>
> Hi Kevin.
>
> If X is already set up on your BSD Box,
> just do xhost + NTBOXNAME so that it will allow
> X connections from the NT machine. Do keep in mind
> that X isn't terribly secure (see the other posts
> regarding this.. I'm no security expert).
There are no X connections coming from the NT box. It is only a X
xserver. xhost is evil and dangerous! Don't ever use it unless you
don't mind having your system compromised!
(OK. If your REALLY understand how it works, there are exceptions to
this, but it is a terrible tool since it leaves the server wide open
for tapping and things like remote keystroke recording.)
> I've never used X-WinPro, but I've used some other
> X servers before, and one of the main problems I found
> was that they all want to use rsh, which noone
> enables (with good reason, I'm told) anymore. I usually
> had to ssh over to the BSD machine, then start whichever
> app I wanted to use (possibly setting $DISPLAY to my
> machine name... depends on your ssh setup) for example:
> <Start X server on NT Box>
> <ssh to Unix Box using some WinSSH client>
> export $DISPLAY=NTBOX:0.0
> xcalc &
> of course, NTBOX must be resolvable by the Unix Box.
Once again, this does little except to break the excellent security
ssh provides. SSH will tunnel the X connection over the encrypted link
if you let it. Resetting the display variable will break this.
<Start X server on the NT box>
<ssh to Unix box with an SSH client> (I recommend TeraTerm with TTSSH,
but there are many of them.)
xcalc & (or some other X client)
If you examine the value of DISPLAY, it will be pointing to the local
Unix box on a display >= 10. For example: myhost.isp.com:10.0
Display 10 is really the ssh server which encrypts the stream, tunnels
it to the NT system which decrypts it and passes it to the X server as
a local connection.
You do need to make sure that X forwarding is enabled in both the ssh
client and server.
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net Phone: +1 510 486-8634
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007202226.e6KMQ5U32437>