neophob.com

As I have explained ear­lier, using XDMCP to dis­play X across Inter­net is basi­cally a no-no, due to it’s lack of encryp­tion across the Inter­net. One way to enforce the traf­fic secu­rity is to use the SSH by the way of X11 tun­nelling or port for­ward­ing. SSH (Secure Shell) is devel­oped in 1995 by Tatu Ylo­nen to replace the inse­cure tel­net, ftp, scp, rcp, rlogin, rsh, etc. The first thing you need to know is that X11 for­ward­ing using SSH is dif­fer­ent from your reg­u­lar, non-secure way of run­ning X Window.

To start this setup, you need an addi­tional piece of infor­ma­tion. First, you must have your SSH pack­age installed. In Linux, they are the OpenSSH pack­ages. Check your dis­tri­b­u­tion to decide what pack­age you need to install (some installed it as stan­dard pack­ages). Sec­ondly, you need a Win­dows SSH Client (other OS ver­sion, like MAC, are also avail­able). I rec­om­mend PuTTY. It is a won­der­ful free SSH client and you can down­load them from this link. Remem­ber to down­load the doc­u­ment and read them care­fully. The other good free SSH clients are: Tera Term Pro + TTSSH: An SSH Exten­sion to Tera Term, SSH Secure Shell Client by SSH.com (only free for non-commercial use). I will break down again into steps, so it is easy for you to follow.

1. Open up the com­mand putty.exe by double-click it. It will brings up the inter­face. First, setup the con­nec­tion info in Host Name (or use IP) field and select SSH (SSH is using port 22). In Con­nec­tion Cat­e­gory, find the Con­nec­tion tree. In SSH, expand it and you will see Tun­nels win­dow. Click “Enable X11 for­ward­ing”. It is set­ting the default to X dis­play at “localhost:0″. Now, go back to Ses­sion and save this ses­sion with a name you like. I nor­mally use the Host Name to make me eas­ily remem­ber where I am con­nect­ing to.
2. In the exam­ple of Hum­ming­bird Exceed, this is what you need to do. (For other X client, the setup is sim­i­lar). Open up the Xcon­fig from your Exceed folder. In your “Screen Def­i­n­i­tion”, change to “Mul­ti­ple” Win­dow mode and save it. Next, open up your “Com­mu­ni­ca­tion” icon and set the Startup mode to “Passive”.
3. Now you are done. To test it, first using PuTTY (or other SSH client) to con­nect to your server. The first time con­nec­tion, it will ask you whether you want to cache the Secu­rity Key or not. (Yes is nor­mal choice). Once log in is done, fire up your Exceed. It will stay in the back­ground. Now you can exe­cute any of your X appli­ca­tion and it should for­ward the X appli­ca­tion via SSH to your local screen. For example:

   1	$ xclock &

4. Ensure that xauth is in the path of the user run­ning. Also, make sure that you have the fol­low­ing line in your /etc/ssh2/sshd2_config file:

   1	AllowX11Forwarding              yes

   X11 for­ward­ing also needs to be enabled in the client by set­ting the fol­low­ing line in the ssh2_config file:

   1	ForwardX11                      yes

Win­dows X-Server:
http://sourceforge.net/project/showfiles.php?group_id=156984 (XMing)
http://www.pexus.com/ (X-Deep32)