Linux Computer Store and Cafe

[Thomas Mondoshawan Tate]

On Wed, Apr 10, 2002 at 12:49:27PM -0700, der.hans wrote:
> Am 10. Apr, 2002 schwätzte Thomas Mondoshawan Tate so:
> 
> > Anybody have any success in forwarding X11 ports with OpenSSH? I'm
> > attempting to do this simple task by starting the SSH session from an xterm
> > like so:
> >
> > [crystaldragon:~]$ ssh -C -X thing
> >
> > But when I successfully establish the connection to thing, $DISPLAY is not
> > set. Thing and Crystaldragon are both running the same version of OpenSSH,
> > compiled exactly the same way on both sides. Additionally, the config files
> > are the same (they also have X11Forwarding set to yes in the
> > /etc/ssh/sshd_config and /etc/ssh/ssh_config files). Additionally, the
> > /tmp/.X11-unix file doesn't exist. Any ideas?
> 
> Does thing have xauth?

*shakes head*
Unfortunately, no it doesn't. I'm guessing it has to have this to provide
X11 connection forwarding, right?

What I'm trying to do is forward an X client connection through two
firewalls to my internal box. Eg:

Crystaldragon -> Tank (firewall) -> { I-net } -> Thing (firewall) -> Nadesico

Both Tank and Thing are Linux servers/firewalls. I'm sitting at
Crystaldragon and want an xterm run on Nadesico to appear here. My guess is
if SSH requires xauth to be present, then I can't do this via the X11
forwarding option. How, then, is it possible to do this forwarding securely?
Is it possible to setup a pair of SSH tunnels running on Tank and Thing that
forwards incoming connections from Nadesico to Crystal?

-- 
Thomas "Mondoshawan" Tate
mondoshawan@tank.dyndns.org
http://tank.dyndns.org