I would like this thread to cover a wide range of topics and not get too into any one approach or turn into an argument about which methods are best but I think that's going to be difficult.
I installed openssh via the puppy package manager. I can give you info about my sshd_config but I'd like to discuss other topics first. But let's paradoxically start with this anyway:
Code: Select all
ssh -X root@127.0.0.1
root@127.0.0.1's password:
Warning: No xauth data; using fake authentication data for X11 forwarding.
Warning: Remote host denied X11 forwarding.
I was able to open a different display on a different socket with something like
Code: Select all
Xephyr :3 &
export DISPLAY=':3'
xterm #I think you need this if you are using ssh
geany
It doesn't work with tcp sockets. i.e. using
Code: Select all
export DISPLAY='127.0.0.1:3' #Not sure if I need a space after the ip address
Code: Select all
/usr/bin/xinit /root/.xinitrc -- -br -nolisten tcp > /tmp/xerrs.log 2>&1
Xserver provides some security features described at:
https://www.x.org/archive/X11R6.8.1/doc ... ity.7.html
I don't yet understand why they are or are not adequate for my needs but I found some info on this:
https://tstarling.com/blog/2016/06/x11- ... isolation/
as a note since initially we discussed modifying an argument to xinit, some info about what it does is interesting (if one doesn't know it):
http://www.tldp.org/HOWTO/XWindow-User- ... ningx.htmlxinit will look for a .xinitrc file in the user's home directory, to run as a shell script. If found, this then would in turn run whatever user specified commands to set up the environment, or launch programs that the file contained. If this file does not exist, xinit will use the following initial command:
Code: Select all
xterm -geometry +1+1 -n login -display :0
If no .xserverrc is found in the user's home directory, X itself will be started with the following command:
Code: Select all
X :0
I'll post some more stuff once I learn more.
Also as noted one alternative way to remote than ssh XForwarding is XDMCP. Some info about it can be found at:
The XDMCP HOWTO
The XDM and X Terminal mini-HOWTO .
As a final note on ssh, if for some reason XForwarding isn't working one could try something like this instead:
Code: Select all
ssh -C -R 6000:127.0.0.1:6000 alice@server "DISPLAY=:0.0 xterm"
This though would require the removal of the nolisten option noted above.
The following link has a buch of links to related topics:
http://www.tldp.org/HOWTO/XWindow-User- ... html#links