Loading ...
Sorry, an error occurred while loading the content.

SlugOS as ssh/x11 gateway

Expand Messages
  • Vitus Jensen
    Hej! I m using a NSLU2 as a gateway into my home LAN. Works quite good as long as I need simple shell access. But I would like to start X11 programs on a
    Message 1 of 3 , Feb 6, 2008
    • 0 Attachment
      Hej!

      I'm using a NSLU2 as a gateway into my home LAN. Works quite good as long
      as I need simple shell access. But I would like to start X11 programs on a
      machine in my home LAN and route the display to a remote station, this
      doesn't work.

      I've tried 2 methods

      1) "ssh -X vitus@..." (= login on NSLU2)
      followed by "ssh -X vitus@lan-machine" (= login from NSLU2 to
      lan-machine)
      2) "ssh -L 1234:lan-machine:22 vitus@..."
      followed by "ssh -X -p 1234 127.0.0.1"

      The second method creates a port forwarder on localhost which route from
      local port 1234 to port 22 (ssh) on lan-machine. Both methods allow me to
      access the shell on lan-machine, but DISPLAY is never set. Is this because
      there are no X11 libs on NSLU2? I thought that the second method should be
      totally transparent to NSLU2 and wouldn't need any special code on that
      machine.

      Any pointers how to get X11 traffic through NSLU2?
      Vitus


      PS: "GatewayPorts" is enabled on NSLU2
    • Shane Kerr
      Vitus, ... If you try running ssh with -v you will probably get the answer. My guess is something like this: debug1: Requesting X11 forwarding with
      Message 2 of 3 , Feb 7, 2008
      • 0 Attachment
        Vitus,

        On Thu, Feb 07, 2008 at 03:29:24AM +0100, Vitus Jensen wrote:
        >
        > I'm using a NSLU2 as a gateway into my home LAN. Works quite good
        > as long as I need simple shell access. But I would like to start
        > X11 programs on a machine in my home LAN and route the display to a
        > remote station, this doesn't work.
        >
        > I've tried 2 methods
        >
        > 1) "ssh -X vitus@..." (= login on NSLU2)
        > followed by "ssh -X vitus@lan-machine" (= login from NSLU2 to
        > lan-machine)
        > 2) "ssh -L 1234:lan-machine:22 vitus@..."
        > followed by "ssh -X -p 1234 127.0.0.1"
        >
        > The second method creates a port forwarder on localhost which route
        > from local port 1234 to port 22 (ssh) on lan-machine. Both methods
        > allow me to access the shell on lan-machine, but DISPLAY is never
        > set. Is this because there are no X11 libs on NSLU2? I thought
        > that the second method should be totally transparent to NSLU2 and
        > wouldn't need any special code on that machine.
        >
        > Any pointers how to get X11 traffic through NSLU2?

        If you try running ssh with "-v" you will probably get the answer. My
        guess is something like this:

        debug1: Requesting X11 forwarding with authentication spoofing.
        debug1: Remote: No xauth program; cannot forward with spoofing.

        You should be able to install just the xauth program:

        # ipkg install xauth

        Note that I'm using Debian so I don't really know. ;)

        --
        Shane
      • Vitus
        Hi Shane! ... No, not really :-( ... ... debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key:
        Message 3 of 3 , Feb 8, 2008
        • 0 Attachment
          Hi Shane!

          --- In nslu2-linux@yahoogroups.com, Shane Kerr <shane@...> wrote:
          >
          > On Thu, Feb 07, 2008 at 03:29:24AM +0100, Vitus Jensen wrote:
          > >
          > > I'm using a NSLU2 as a gateway into my home LAN. Works quite good
          > > as long as I need simple shell access. But I would like to start
          > > X11 programs on a machine in my home LAN and route the display to a
          > > remote station, this doesn't work.
          > >
          > > I've tried 2 methods
          > >
          > > 1) "ssh -X vitus@..." (= login on NSLU2)
          > > followed by "ssh -X vitus@lan-machine" (= login from NSLU2 to
          > > lan-machine)
          > > 2) "ssh -L 1234:lan-machine:22 vitus@..."
          > > followed by "ssh -X -p 1234 127.0.0.1"
          > >
          > > The second method creates a port forwarder on localhost which route
          > > from local port 1234 to port 22 (ssh) on lan-machine. Both methods
          > > allow me to access the shell on lan-machine, but DISPLAY is never
          > > set. Is this because there are no X11 libs on NSLU2? I thought
          > > that the second method should be totally transparent to NSLU2 and
          > > wouldn't need any special code on that machine.
          > >
          > > Any pointers how to get X11 traffic through NSLU2?
          >
          > If you try running ssh with "-v" you will probably get the answer.

          No, not really :-(


          > My guess is something like this:
          >
          > debug1: Requesting X11 forwarding with authentication spoofing.
          > debug1: Remote: No xauth program; cannot forward with spoofing.

          ...
          debug1: Authentications that can continue: publickey,keyboard-interactive
          debug1: Trying private key: /home/jen/.ssh/id_dsa
          debug1: Next authentication method: keyboard-interactive
          Password:
          debug1: Authentication succeeded (keyboard-interactive).
          debug1: channel 0: new [client-session]
          debug1: Entering interactive session.
          debug1: Requesting X11 forwarding with authentication spoofing.
          debug1: Sending environment.
          debug1: Sending env LANG = de_DE.UTF-8
          Last login: Thu Feb 7 14:50:32 2008 from newslug
          vitus@asterix:~$ env | fgrep DISPLAY
          vitus@asterix:~$


          That's the log when USING the tunnel created in a session to newslug.

          The session which created the tunnel doesn't complain at all:

          vitus@newslug:~$ debug1: Connection to port 2200 forwarding to
          192.168.178.130 port 22 requested.
          debug1: channel 5: new [direct-tcpip]
          debug1: client_input_channel_req: channel 4 rtype
          keepalive@... reply 1


          > Note that I'm using Debian so I don't really know. ;)

          On a FatSlug? Any problems with using up all memory and swapping?

          By[t]e,
          Vitus
        Your message has been successfully submitted and would be delivered to recipients shortly.