HPE Community
Operating System - HP-UX
1834009 Members
2040 Online
110063 Solutions
New Discussion

Restrict X remotely

 
SOLVED
Go to solution
Fredric Vådegård
Frequent Advisor

‎04-10-2003 06:43 AM

‎04-10-2003 06:43 AM

Restrict X remotely

Hi,

I would like to restrict the X service (CDE etc.) to only a couple of IP-addresses. Can I set up this in the /etc/dt/config/Xsetup or Xservers config file?

//Fredric
Fredde
0 Kudos
Reply
7 REPLIES 7
Alex Glennie
Honored Contributor

‎04-10-2003 06:45 AM

‎04-10-2003 06:45 AM

Re: Restrict X remotely

If it were me I'd cp /usr/dt/config/Xaccess -> /etc/dt/config/Xaccess and edit accordingly see the file for syntax .....
0 Kudos
Reply
Zafar A. Mohammed_1
Trusted Contributor

‎04-10-2003 06:53 AM

‎04-10-2003 06:53 AM

Re: Restrict X remotely

check & edit /usr/dt/config/Xaccess file

Thanks
Zafar
0 Kudos
Reply
Wodisch
Honored Contributor

‎04-10-2003 04:45 PM

‎04-10-2003 04:45 PM

Re: Restrict X remotely

Hi Fredric,

you could use "IPFilter/9000" to restrict ports 6000 (X) and 7000 (X Font Server).

FWIW,
Wodisch
0 Kudos
Reply
Fredric Vådegård
Frequent Advisor

‎04-11-2003 04:05 AM

‎04-11-2003 04:05 AM

Re: Restrict X remotely

Could someone please give me an exemple how to configure the Xaccess file?

I want to restrict the access to a couple of hosts, doesn??t matter if it??s the hostname or the IP-address.

I have tested to configure, but it doesn??t work. I did comment the line with CHOOSER BROADCAST and removed the comment for the %hostlist, but still doesn??t work. I also tried differnt ways of adding hosts to the hostlist and deny hosts at the end of the file (ENTRY FORMAT).

//Fredric
Fredde
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎04-11-2003 04:14 AM

‎04-11-2003 04:14 AM

Re: Restrict X remotely

Hi Fredric,

take a look at this document,

http://www4.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000063236640

Hope it helps,

Robert-Jan.
0 Kudos
Reply
Stephen Burkwood
Advisor

‎04-11-2003 04:20 AM

‎04-11-2003 04:20 AM

Solution

Re: Restrict X remotely

Hi Fredric,

Presuming you want to control "direct" xdmcp clients, i.e. those that initiate the comnnection direct to the machine, then all you need to place in the /etc/dt/config/Xaccess file is the hostname (presuming you can reverse lookup the IP from the name) or IP of the chosen client. Place each entry on its own line in the file with nothing else after it e.g.

hostA
hostB
10.0.0.1

etc...

Then run "/usr/dt/bin/dtconfig -reset" to make the changes take effect. The Xaccess file is only read on startup and whenever the above is run.

Regards,
Stephen
Reply
Fredric Vådegård
Frequent Advisor

‎04-11-2003 06:00 AM

‎04-11-2003 06:00 AM

Re: Restrict X remotely

Hi,

thanks for you answears. Case solved!
Fredde
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.