[wplug] Tunneling X across multiple SSH hops?

Vanco, Don don.vanco at agilysys.com
Thu Apr 21 14:51:14 EDT 2005 

> -----Original Message-----
> From: wplug-bounces+don.vanco=agilysys.com at wplug.org
> [mailto:wplug-bounces+don.vanco=agilysys.com at wplug.org] On
> Behalf Of Poyner, Brandon
> Sent: Thursday, April 21, 2005 1:34 PM
> To: General user list
> Subject: RE: [wplug] Tunneling X across multiple SSH hops?
> 
> 
> The first hop machine does not need to have X installed but it must at
> least have xauth installed.  If you run 'xauth list' after connecting
> through ssh does it report magic cookie information?  Does the
> $DISPLAY environment variable get set? 

	Well, that hoses that idea - the first hop is a (old) VMWare ESX
box - no xauth on there.



> -----Original Message-----
> From: wplug-bounces+bpoyner=ccac.edu at wplug.org
> [mailto:wplug-bounces+bpoyner=ccac.edu at wplug.org] On Behalf Of Vanco,
> Don Sent: Thursday, April 21, 2005 1:14 PM
> To: General user list
> Subject: RE: [wplug] Tunneling X across multiple SSH hops?
> 
wplug-bounces+don.vanco=agilysys.com at wplug.org <> scribbled on :

>> On Fri, Apr 15, 2005 at 02:06:08PM -0400, Vanco, Don wrote:
>>> Anyone have a quick-n-dirty set of instructions for getting X to
>>> "play nice" across multiple SSH hops?
>> 
>> Just use "-X" (forward X connection) along each hop:    A$ ssh -X B
>>    B$ ssh -X C
>>    C$ xclock
>> displays the clock on A.
>> 
>> You might have to make sure that X forwarding is enabled in your
>> configuration (ForwardX11 in ssh_config, X11Forwarding in
>> sshd_config) 
> 
> 	This is what I expected to work - but it does not:
> first hop (via SSH):
> login as: vancod
> Sent username "vancod"
> vancod at 206.132.103.194's password:
> Last login: Tue Apr 22 13:17:02 2003 from psefw-web.agilysys.com
> 
> Second hop:
> [vancod at claw vancod]$ ssh root at 10.10.10.113
> root at 10.10.10.113's password:
> Last login: Thu Apr 21 12:54:38 2005 from 10.10.10.200 [root at titan
> root]# xclock Error: Can't open display:
> 
> 	All of the SSH config files are set to forward X.
> 
> 	One key thing I forgot to mention - the firewall...
> 	I am guessing that because I access server one _through_ a
> Microsoft ISA <ahem> firewall that the relevant port data is
> not passing
> through.  As these are not Internet routable I have to go via gateway
> devices... 
> 
> 
> Don
> 
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
> 
> 
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug

More information about the wplug mailing list