[TriLUG] Looking for Remote access to Unix boxes via Wintel
Jeremy P
jeremyp at pobox.com
Mon Apr 29 19:01:52 EDT 2002
On Mon, 29 Apr 2002, Jon Carnes wrote:
> ESTABLISHING SSH+X-WIN CONNECTION
> ================================
> - Double-click on <Path to Cygwin>\usr\X11R6\bin\startxwin.bat
> - Left click in the window that popped up to place shell window
> - In that bash shell window, type "xhost <host you want to access>"
> - Type "ssh -X -l <your account> <host>". If it is the first time you
> connect to that host, first accept that host's key and then type your
> password to get in.
>
> - Set up the DISPLAY environment variable by typing: "DISPLAY=<your IP>:0"
> and "export DISPLAY". If you have to change user during your SSH session,
> make sure you set the DISPLAY variable to the appropriate value again.
But doesn't that defeat the whole purpose of using SSH? You've
circumvented ssh's X tunnelling feature and made an insecure X connection
directly to the PC. Wouldn't it be much better to omit the "-X" option
and let ssh handle the DISPLAY variable, tunnelling, etc?
I realize that maybe you're on a secure network and don't care about the
insecurity of X connections, but I don't understand why you would require
your users to fiddle with the DISPLAY variable when SSH can handle it on
its own.
--Jeremy
More information about the TriLUG
mailing list