ssh X11Forwarding through host without X11 impossible?

Hi all,

3 hosts: A, B and C running Fedora Core 3, Debian Sarge og RHEL 3.0,
respectively. I'm logged onto console on host A and wish to connect to
host C via host B using ssh. My goal is to launch X11 applications on
host C and display them on host A.

Note that host B, a firewall exposed to the internet, does *not* has
X11 installed.

/etc/ssh/sshd_config on all hosts contain:
X11Forwarding yes
X11DisplayOffset 10

### Attempt 1 ###
A# export DISPLAY=:10.0
A# ssh -X B
B# export DISPLAY=:10.0
B# ssh -X C
C# xterm
connect /tmp/.X11-unix/X10: No such file or directory
X connection to localhost:10.0 broken (explicit kill or server
shutdown).

### Attempt 2 ###
A# unset DISPLAY
A# ssh -X B
B# unset DISPLAY
B# ssh -X C
C# xterm
xterm Xt error: Can't open display:

### Question ###

Is it impossible to tunnel a ssh connection with X11Forwarding through
a host (host B in the above example) without X11?

Best regards,
Andreas
--

(E-Mail Removed) wrote:
> Hi all,
>
> 3 hosts: A, B and C running Fedora Core 3, Debian Sarge og RHEL 3.0,
> respectively. I'm logged onto console on host A and wish to connect to
> host C via host B using ssh. My goal is to launch X11 applications on
> host C and display them on host A.
>
> Note that host B, a firewall exposed to the internet, does *not* has
> X11 installed.
>
> /etc/ssh/sshd_config on all hosts contain:
> X11Forwarding yes
> X11DisplayOffset 10
>
> ### Attempt 1 ###
> A# export DISPLAY=:10.0
> A# ssh -X B
> B# export DISPLAY=:10.0
> B# ssh -X C
> C# xterm
> connect /tmp/.X11-unix/X10: No such file or directory
> X connection to localhost:10.0 broken (explicit kill or server
> shutdown).
>
> ### Attempt 2 ###
> A# unset DISPLAY
> A# ssh -X B
> B# unset DISPLAY
> B# ssh -X C
> C# xterm
> xterm Xt error: Can't open display:

you should not feedle with the DISPLAY variable. ssh will manage it for you.

Verify that on A: you have the DISPLAY variable correctly set.
Basically, if you launch "xterm" from A, it should open on your server

then do:
A# ssh -X B
B# ssh -X C
C# xterm
*should work*
If not, try ssh -Y instead of ssh -X


Olivier

Hello,

On Wed, 14 Sep 2005 22:21:56 +0200, Olivier wrote:

> (E-Mail Removed) wrote:
>
> A# ssh -X B
> B# ssh -X C
> C# xterm
> *should work*
> If not, try ssh -Y instead of ssh -X

I've also used
A# xauth list
....
C# export DISPLAY=A:0
C# xauth add $DISPLAY <paste the magic cookie>

HTH,

--tim

Tim Lingard wrote:

> C# export DISPLAY=A:0

This bypasses the forwarding via SSH, and sends the X data directly between
A and C. This is less secure (the SSH-forwarded data is encrypted), and
can run into routing/firewall problems depending upon the details of the
connectivity of A and C.

However, it will almost certainly be quicker than forwarding through B if
the above does work.

- Andrew

Hello,

On Sat, 17 Sep 2005 11:52:55 -0400, Andrew Gideon wrote:

> Tim Lingard wrote:
>
>> C# export DISPLAY=A:0
>
> This bypasses the forwarding via SSH, and sends the X data directly between
> A and C. This is less secure (the SSH-forwarded data is encrypted), and
> can run into routing/firewall problems depending upon the details of the
> connectivity of A and C.

You're right. Olivier's suggestion works well for me.

--tim