Networking X Using the Secure Shell


The secure shell (ssh) command makes it easy to use the remote display facilities of the X Window System, using a command format similar to the one used for general-purpose remote logins. If you've forgotten the general-purpose use of the ssh command, review "Logging In Remotely Using ssh" in Chapter 24, "Using Other Systems Remotely at the Command Line."

Firewall Causing You Trouble?

If you find that many of the techniques in this chapter don't work for your Red Hat Fedora Core 4 system, see the section titled "Configuring Firewall Security for Remote Display" later in this chapter. There, you learn how to alter the firewalling rules on your Fedora Core 4 system to allow incoming ssh or X connections.


Displaying Single Remote Applications Using ssh

To launch a program on a remote computer, causing the application window for the program to appear on your local Red Hat Fedora 4 system's display, call the ssh command like this:

 ssh -oForwardX11=yes -l user remotehost program 

Replace user with your login account on the remote system, remotehost with the hostname of the remote system, and program with the program you want to run. For example, to launch a system load monitor to watch the activity of the processor on a system called steppenwolf where you have a login account called joeuser, you could enter the ssh command as follows:

 [you@workstation20 ~]$ ssh -oForwardX11=yes -l joeuser steppenwolf /usr/X11R6/bin/xload joeuser@steppenwolf's password: 

After you enter your password, the xload application appears, monitoring the processor load on the system called steppenwolf, as shown in Figure 27.2.

Figure 27.2. The xload process has been started remotely on the system called steppenwolf, but its application window appears on workstation20.


You are not limited to starting noninteractive applications like xload this way; you can just as easily remotely interact with programs such as emacs or gedit.

Many Users Can Use the Same Machine at Once

Users new to Linux or Unix often wonder what will happen if they try to run applications on remote systems that are currently in use by other users.

The answer is simple: Everything works as expected, for both users. Because Linux and Unix are multiuser, multitasking, network-oriented operating systems, Linux simply and securely keeps track of which processes and files belong to each user who is currently using the system, whether the user is connected over the network or sitting directly in front of the machine. No user even needs to be aware of others who might be using the same computer system at the same time.


Displaying Many Remote Applications Locally Using ssh

If you want to start a number of programs on a single remote system and cause each of their application windows to be displayed on your local desktop, you might find that calling ssh over and over again for each program you want to start is a time-consuming process.

In such cases, you will find that it is easier to start a terminal window and log in to the remote system using ssh, as you learned to do in "Logging In Remotely Using ssh" in Chapter 24. After you have a command line on the remote system in your terminal window, use the command line in the terminal to start desktop applications as you normally would from the command line. Each desktop application you launch this way is displayed on your local display, as shown in Figure 27.3.

Figure 27.3. After you log in remotely using ssh, you can start as many applications as you like. Here, gedit and xload have been started.


Notice that you can start your applications in the background using the ampersand (&) or use command-line job control techniques as you would at any shell, even though this particular command line is provided by a remote computer system. For more information on shell job control techniques, refer to "Keeping Your Shell Programs Under Control" in Chapter 20, "Creating, Editing, and Saving Text Files."

Displaying Local Applications Remotely Using ssh

You can also allow users at Linux desktops on other computers to start programs on your computer, whose application windows will appear on their displays. This is done using the same technique you just learned, performed in reverse orderthat is, executing the ssh command on the remote system, listing your Red Hat Fedora 4 system as the host to connect to.

For example, if the user at a computer called workstation10.mycompany.com wanted to start the emacs program on your machine, workstation20, to be displayed on her screen using X's remote display capability, she could execute the following command from her command line:

 ssh -oForwardX11=yes -l janeuser workstation20 emacs 

As you can see, the process is symmetrical when using ssh: The system on which the ssh command is executed always displays the application, and the system to which ssh connects actually runs it.

Configuring Firewall Security for Remote Display

Because the technique we're using in this chapter relies on ssh to manage the X Window System connections, your system must be configured to allow incoming ssh connections for this to take place.

Depending on the firewall options you selected when you installed Red Hat Fedora 4, your system might not currently accept incoming ssh connections. If you find that ssh requests from other systems are refused, you need to enable incoming ssh on your system.

To do this, choose Desktop, System Settings, Security Level to display the firewall configuration tool, as shown in Figure 27.4. Note that if you're not logged on as root, you'll be prompted for a password before the tool is displayed.

Figure 27.4. In the Security Level Configuration tool, you can enable incoming ssh connections so that remote users can use remote display.


To ensure that you can accept incoming X and ssh connections, make sure that the SSH option is checked in the Trusted Services box to indicate that incoming ssh connections are to be allowed.



    SAMS Teach Yourself Red Hat(r) Fedora(tm) 4 Linux(r) All in One
    Cisco ASA and PIX Firewall Handbook
    ISBN: N/A
    EAN: 2147483647
    Year: 2006
    Pages: 311
    Authors: David Hucaby

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net