From owner-freebsd-questions Sat Jun 29 12:19:12 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C20FD37B406 for ; Sat, 29 Jun 2002 12:19:00 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6A37743E13 for ; Sat, 29 Jun 2002 12:18:59 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost.infracaninophile.co.uk [IPv6:::1]) by smtp.infracaninophile.co.uk (8.12.4/8.12.4) with ESMTP id g5TJIutD018848; Sat, 29 Jun 2002 20:18:56 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost) by happy-idiot-talk.infracaninophile.co.uk (8.12.4/8.12.4/Submit) id g5TJIpAJ018847; Sat, 29 Jun 2002 20:18:51 +0100 (BST) Date: Sat, 29 Jun 2002 20:18:51 +0100 From: Matthew Seaman To: Gary Jennejohn Cc: Kent Stewart , Jan Rocho , freebsd-questions@FreeBSD.ORG Subject: Re: x-server remote connection problem Message-ID: <20020629191851.GA18775@happy-idiot-talk.infracaninophi> References: <3D1DF9CC.1050507@owt.com> <200206291827.g5TIRpBQ050586@peedub.jennejohn.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200206291827.g5TIRpBQ050586@peedub.jennejohn.org> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Jun 29, 2002 at 08:27:51PM +0200, Gary Jennejohn wrote: > Kent Stewart writes: > > Jan Rocho wrote: > > > There is another X-Problem. I have two computers, one running Linux > and the > > > other running FreeBSD. When I ssh into my linux system and do > > > export DISPLAY="192.168.1.2:0" and then start an application I get a > > > conncetion error message. It can't connect to the X-Server on my > FreeBSD sy > > stem. I > > > have however allowed all connections to the X-Server (xhost +). So > that sho > > uld > > > work. Then I portscanned my FreeBSD system and found out that there is > no > > > Port for the X-Server open. How do get around that problem? > > > > > > I am not sure at this point but I usually have to "xhost > > other_computer" before it will start the xterm on the other computer. > > > > Another possiblity, if you use startx to start X, is that the server > was started with "-nolisten tcp". If that's the case then you have > to do ``startx -listen_tcp'' to avoid that. It's documented in the > startx manpage. Even better is to ensure that you have `X11Forwarding yes' in sshd_config and ssh_config on both machines. Then when you ssh into your other host, you should find that the DISPLAY variable is automatically set to something like DISPLAY=otherhost:10, and any X applications you start on otherhost will display on your desktop using an encrypted ssh tunnel between the two hosts. You can use "-nolisten tcp" on your desktop with this scheme, and it's not necessary to use xhost to relax access control either. Note that saying xhost+ on a machine with Internet access is horribly insecure. That gives open access to your X display, and Mr Blackhat can do very nasty things to you like putting a transparent window over your whole display and so capturing all keystrokes you make. Not good. Running X sessions unencrypted over a network is about as snoopable as using, say, telnet so be careful about where you do that too. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Tel: +44 1628 476614 Marlow Fax: +44 0870 0522645 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message