SUMMERY: SSH X display hopping

From: Ben Rockwood (benr@cuddletech.com)
Date: Tue Feb 04 2003 - 14:57:20 EST


Question:
> Is anyone aware of a method to do display hopping thru multiple
> systems? Here's the situation: from my home I can SSH to one of my
> Solaris systems running SSH via a virtual IP and some firewall rules
> that only allow SSH access to that system, which saves me from having
> to use a VPN client. For most operations this is fine, but once in a
> great while (usually with NetBackup) I'd really love to pull up a GUI.
> With X forwarding on my system that is connected to the public net,
> this isn't a problem, but if I want to work on a system inside the
> network, I have to SSH to my net connected system, and then from there
> SSH/telnet to one of the protected machines inside. I'm not sure how
> to keep passing the display thru my hops.
> Has anyone done this?

Answer:

Over 40 people replied, thank you to you all. Due to the volume I won't
list them all, but they all gave the same answer: ssh -X <host>This will turn on Xforwarding to the client. And you can in fact "chain",
or keep hopping from one host to another in this manner and keep passing
along your host as the display just using ssh -X on each hop. However,
two things should be known:1) You can avoid using -X _if_ you have X11Forwarding eneable in the SSH
config (both OpenSSH and SSH (inc) do this)2) You must ensure that X11Forwarding is enable in the SSHD config

If this method doesn't work, most likely you didn't release that the SSHD
wasn't properly set...... this is my problem.
Followup Bonus Question:

I haven't determined if this can go one step further, however, where you
ssh -X up to a point and then telnet into a system WITHOUT SSH installed
and then pull the display back..... I'm not sure how you do that
redirection. Or if it can even be done. I ran it by a couple people and
they weren't sure either.

Conclusion:

This method will work fine. However, this would likely be a good time to
consider a full VNC solution, as apposed to SSH'ing. Persistance isn't an
issue, but the routing options are clear.
Thank You to all how answered.
benr.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers



This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:45 EDT