Andy Stewart <andystewart@mediaone.net> writes:
I would like to be able to setup some kind of tunnel so that I can use SSH to log into my machine at home and forward the X11 display.
Currently, I can successfully SSH into my firewall, and from there either telnet or SSH into the machine of interest on my home network. This works OK for text but not for X.
So, let's say for sake of argument that I am on a computer at the Linux Showcase in California. How can I set this up so that I can tunnel through my home firewall to the machine of interest on my home network and have the X display from the home machine forward to the machine at the conference? I think its just a matter of syntax on the SSH command line, but I can't seem to get it right.
ssh does X forwarding. For example: ssh -X <hostname> <command> will auto-forward the X connections over the secure connection. Now, if you want to automate it with your firewall, you could do like Chuck suggested, and have iptables forward a connection on an alternate port to an internal machine's port 22. This might be the best way, so you don't have to ssh to the firewall, then ssh to your internal host. but, if you don't mind multiple ssh connections, this works: ssh -C -t -A -X <host1> ssh -t -A -X host2 <command> -C == compression -t == allocate tty (otherwise the second ssh complains there is no terminal. -A == agent forwarding, not sure if you use the agent (it rocks!) -X == X forwarding I do this kind of thing, and it works well. keep in mind, that you may need to enable X forwarding on the server side in /etc/ssh/sshd_config good luck, -- Josh Huber