HPE Community
Operating System - HP-UX
1819804 Members
3162 Online
109607 Solutions
New Discussion юеВ

X11 forward in SSH

 
SOLVED
Go to solution
YLTan
Frequent Advisor

тАО04-02-2003 10:14 PM

тАО04-02-2003 10:14 PM

X11 forward in SSH

What the different bet. setting X11Forwarding and not setting it at the SSH server? I noticed in both cases I can still use Xwindows by putting up the appropiate DISPLAY parameters and able to spawn the Xwindows on my PC's. Is there a diff. in terms of encrypted X11 traffic in both cases?
tyl
0 Kudos
Reply
7 REPLIES 7
Jerome Baron
Respected Contributor

тАО04-02-2003 11:37 PM

тАО04-02-2003 11:37 PM

Re: X11 forward in SSH

Hi,

Effectively with X11 forwarding you can lunch graphical application with a ssh session. The only problem is your lan connection speed!
Without X11 forwarding I mean that you can't use graphical interface by ssh.

Configuration on server in /etc/ssh/sshd_config:
X11Forwarding yes
X11DisplayOffset 10
# Change the port for more security
Port 5522

restart ssd daemon

Configuration on client in /etc/ssh/ssh_config or??/.ssh/config :
ForwardX11 yes
Compression yes
Port 5522 # the same port that on server

Without client configuration :
# ssh -XC -p 5522 -l

Regards,
Jerome
0 Kudos
Reply
Jerome Baron
Respected Contributor

тАО04-03-2003 12:01 AM

тАО04-03-2003 12:01 AM

Re: X11 forward in SSH

oups I give you linux config file....

On HP-UX config file are in /opt/ssh/etc.

Regards,
Jerome
0 Kudos
Reply
YLTan
Frequent Advisor

тАО04-03-2003 01:05 AM

тАО04-03-2003 01:05 AM

Re: X11 forward in SSH

Hi Jerome,

I test on both cases for X11Forward is yes and No, in both cases i can use the Xwindows graphic interface. It seems there is no diff. whether X11Forward is set or not. Did i miss something??
tyl
0 Kudos
Reply
Jerome Baron
Respected Contributor

тАО04-03-2003 01:16 AM

тАО04-03-2003 01:16 AM

Re: X11 forward in SSH

Hi,

For me the only way to disable X11 is to put no at X11Forwarding. I try on m??y system and have the same result (graphical application run in all case.
I suspect a "bug".

Regards,
Jerome
0 Kudos
Reply
Christian Gebhardt
Honored Contributor

тАО04-03-2003 01:17 AM

тАО04-03-2003 01:17 AM

Re: X11 forward in SSH

Hi

if you have
X11Forwarding yes
in the sshd_config file (don't forget to restart the sshd after changing the parameter) the sshd set the Variable DISPLAY to something like this:

DISPLAY=:10.0

you do not have to set the display manually, all X11-windows are forwarded to your client automatically.

If the ssh-Server is behind a firewall
xterm -display :0
doesn't work
but with X11forwarding enabled and typing
xterm
the display is tunneled via the ssh-connection

Chris
0 Kudos
Reply
YLTan
Frequent Advisor

тАО04-03-2003 03:05 AM

тАО04-03-2003 03:05 AM

Re: X11 forward in SSH

Hi Christian,

Does this means with X11Forward enable, the Xwindows traffic actually forced to use SSH connection which is encrypted?

Without X11Forward enable, Xwindows traffic are travelling in CLEAR TEXT even I am connecting to the SSH server using SSH client and have the DISPLAY=:10.0
tyl
0 Kudos
Reply
Christian Gebhardt
Honored Contributor

тАО04-03-2003 03:15 AM

тАО04-03-2003 03:15 AM

Solution

Re: X11 forward in SSH

yes
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.