by Mathias Franziu » Thu, 03 Dec 1998 04:00:00
I want to redirect the X-Output from a workstation at my university
to my PC. The Gateway that connects my LAN with the university LAN
seems to block these packets.
The admin will not change this.
1. What kind of protocol is used for the X-client/server communication?
2. Is there any (freeware etc) tool available to tunnel it via http or
ftp?
Thanks a lot in advance,
Mathias
by John Mell » Thu, 03 Dec 1998 04:00:00
> 1. What kind of protocol is used for the X-client/server communication?
> 2. Is there any (freeware etc) tool available to tunnel it via http or
> ftp?
Ssh uses port 22 for its communications.
Ssh normally does 1024-bit host key identrification, and 768-bit encryption.
This exceeds military-grade cipher requirements, and should satisfy any
security concerns that the admin may have. Its far more secure than his
admin connection to the firewall would be.
Once you have ssh in place, you won't need ftp, since scp will perform the
same functionality as rcp, but encrypted again.
I had a brain-dead firewall administrator, who wanted to deny all access.
He would only allow outbound connections to start. What I ended up doing,
was to start up a window on my home machine (Linux) from my work machine
(Solaris) and firing keep-alive messages through constantly from a background
process. This kept the connection up for weeks at a time.
--
John Mellor Process Improvements Kitchener, Ontario, Canada
by Christopher B. Brow » Thu, 03 Dec 1998 04:00:00
You might want to verify that "exceeds military-grade cipher requirements"Quote:>Ssh normally does 1024-bit host key identrification, and 768-bit encryption.
>This exceeds military-grade cipher requirements, and should satisfy any
>security concerns that the admin may have.
I suspect you'll find that the claim that any cipher that is readily
available to the public may be considered to "exceed military-grade
cipher requirements" to be a little less than credible.
--
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer <http://www.hex.net/~cbbrowne/canada.html>
by Mathias Franziu » Mon, 07 Dec 1998 04:00:00
> > I want to redirect the X-Output from a workstation at my university
> > to my PC. The Gateway that connects my LAN with the university LAN
> > seems to block these packets.
> > The admin will not change this.
> > 1. What kind of protocol is used for the X-client/server communication?
> > 2. Is there any (freeware etc) tool available to tunnel it via http or
> > ftp?
> See if they will forward ssh connections. Perhaps they already do.
> One of the things that the ssh suite does is to forward encrypted
> and compressed X sessions. Not only is it secure, but it is much
> faster than regular X. There is also a WindowsNT client available.
> Ssh uses port 22 for its communications.
Thanks,Quote:>[...]
2. Problem with binding of socket addresses
3. Help on firewall ruleset for routing X (Exceed) thru the Linux firewall
4. Apache Configuration Problem !Help!
6. Trouble using VNC thru a ssh tunnel
8. IP tunneling thru X.25 public network. Possible ?
9. Extra ACKs if thru IP Tunnel ?
10. FreeS/Wan & iptables -- fwd Web traffic thru tunnel
11. How do I get a Voodoo3 to output thru S-video rather than regular moniter?
12. sending raw output thru the spooler