Configuring Exceed for X11 Tunnelling
Exceed, by default, allows any remote host to launch applications and redisplay them to your Windows machine. While this does not sound threatening, it also means that any remote host can record your keystrokes, monitor your sessions, and even take screenshots of what you are doing in Windows!
SSH Tunnels: The Better Way
SSH supports something called X11 Tunnels. To be brief, when you SSH into any host that allows it, it automatically configures your X11 session, and sends the graphics back to your Windows workstation encrypted with SSH. That's right, you no longer have to mess with setting DISPLAY in your startup scripts or using xauth.
Securing Exceed
The first thing we will want to do is lock down what machines can access your Windows desktop through Exceed. Normally, you only configure it to be the machine you are currently logged in to, named "localhost".
- When Exceed is running, Right click on the Exceed window in your task bar
- Click "Tools", then "Configuration"
- Double Click on the "Security" Icon
- Click on the Radio button that says "File:" next to it at the top.
- Click "Edit", this opens xhost.txt within Notepad.
- At the end of this file, add "localhost", and make sure to press enter after it to start a new line.
Changing your Secure Shell Client Profiles
- Launch Secure Shell Client
- Click on the "Profiles" button
- Select "Edit Profiles", which brings up your profiles screen
- Select Each Profile, one by one, and click on the Tunneling Tab. Make sure the checkbox for "Tunnel X11 Connections" is enabled.
Changing your UNIX Login Scripts
With SSH Tunneling, you no longer need to set your DISPLAY variable. It should be automatically configured. If you have hardcoded your hostname in your startup file (.cshrc, .profile, .zprofile), be sure to comment it out.
Testing
When you connect to a UNIX machine, you can type the following to see if your DISPLAY has been autoconfigured properly.
> echo $DISPLAY
localhost:19.0
If it says anything other than localhost, it's quite possible you are not configured properly. If it says nothing, the SSH server on the UNIX side is not configured properly (see Configuring OpenSSH for X11 Forwarding). You can launch "xclock" as a quick graphics test as well.
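The DISPLAY test and the login-script cleanup described above can be scripted on the UNIX side. This is an added example, not part of the original page; the function names check_display and find_hardcoded_display are hypothetical, and it assumes a POSIX shell with awk available.

```shell
#!/bin/sh
# Added example: classify DISPLAY the way the Testing section describes and
# list active (uncommented) DISPLAY assignments left in login scripts.

# check_display VALUE
# Prints one of: tunnelled | not-tunnelled | unset
check_display() {
    case "$1" in
        "")          echo "unset" ;;          # SSH server did not set up X11 forwarding
        localhost:*) echo "tunnelled" ;;      # display is going through the SSH tunnel
        *)           echo "not-tunnelled" ;;  # display points somewhere other than localhost
    esac
}

# find_hardcoded_display DIR
# Scans the startup files named on this page inside DIR and prints
# file:line:text for every line that still sets DISPLAY.
find_hardcoded_display() {
    for f in .cshrc .profile .zprofile; do
        [ -f "$1/$f" ] || continue
        # Matches csh "setenv DISPLAY ..." and sh/zsh "DISPLAY=..." or
        # "export DISPLAY=..."; lines starting with '#' do not match.
        awk -v f="$f" '
            /^[ \t]*(setenv[ \t]+DISPLAY[ \t]|(export[ \t]+)?DISPLAY=)/ {
                print f ":" NR ":" $0
            }' "$1/$f"
    done
}

# Report on the current session and home directory.
echo "DISPLAY is $(check_display "${DISPLAY:-}")"
find_hardcoded_display "${HOME:-.}"
```

Any line reported by find_hardcoded_display is a candidate for commenting out, since a hardcoded value overrides the one SSH sets up.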