Enabling SSH forwarding for X11 in general is easy: you simply put X11Forwarding yes in /etc/ssh/sshd_config, then SSH into the server with the -X or -Y (as appropriate for you).

However, if you want to be able to SSH in as a non-privileged user and su to become root, you’ll need to do a little more. Adding the following to the non-privileged user’s .bashrc works for me:

# Allows su to use X11
if [ ! -n "$XAUTHORITY" ]; then
    export XAUTHORITY=~/.Xauthority
fi

su passes environment variables to the new shell, so this ensures that applications that use the X server know where to look for the SSH forwarding info.

This manual configuration isn’t an issue with all distributions, but was required for my Debian Lenny box.

Two servers: remote1 and remote2. Remote1 is behind a firewall.

Situation 1: Port Forwarding

You want to be able to access remote2’s port 2222 as though it was on port 1111 of remote1. That is, telnetting to remote1:1111 will transparently connect you to remote2:2222. On remote1, type:

remote1:~$ ssh -L 1111:remote1:2222 user@remote2

Use this when you want to access services running on a remote server as though it was on the local network, such as accessing your iTunes share remotely.

Situation 2: Reverse Port Forwarding

You want to be able to access remote1’s port 2222 as though it was on port 1111 of remote2. That is, you want to be able to connect to the server that is behind the firewall, using the other server as a proxy of sorts, punching through the firewall. On remote1, type:

remote1:~$ ssh -R 1111:remote1:2222 user@remote2

Use this when you want to be able to remotely access a server that’s behind a firewall.

To ensure that its connection is restarted if it dies unexpectedly, you can type:

while true ; do ssh -R 8022:localhost:22 suso@my.home.ip.address; \
sleep 60 ; done

If you’re running this on a Mac, you’ll want to play around with the launch daemon, launchd and its magical XML files. I recommend just using Lingon instead.

Source

Many thanks to Suso’s SSH on Linux Tutorial. It goes over some other useful stuff, too.

[core] line 0: CoreBlocks->action_block_content_meta_links( …1 args… ) system/classes/plugins.php line 80: call_user_func_array( …1 args… ) system/classes/theme.php line 1237: Plugins::act( …1 args… ) [core] line 0: Theme->theme_area( …1 args… ) system/classes/plugins.php line 218: call_user_func_array( …1 args… ) [core] line 0: Plugins::theme( …1 args… ) system/classes/theme.php line 1063: call_user_func_array( …1 args… ) user/themes/habari-mysophobia/footer.php line 3: Theme->__call( …1 args… ) user/themes/habari-mysophobia/footer.php line 3: MysophobiaTheme->area( …1 arg… ) system/classes/rawphpengine.php line 96: include( …1 arg… ) system/classes/theme.php line 534: RawPHPEngine->display( …1 arg… ) user/themes/habari-mysophobia/multiple.php line 50: Theme->display( …1 arg… ) system/classes/rawphpengine.php line 96: include( …1 arg… ) system/classes/theme.php line 534: RawPHPEngine->display( …1 arg… ) system/classes/theme.php line 151: Theme->display( …1 arg… ) system/classes/theme.php line 317: Theme->display_fallback( …1 arg… ) system/classes/theme.php line 418: Theme->act_display( …1 arg… ) system/handlers/userthemehandler.php line 45: Theme->act_display_tag( ) system/classes/controller.php line 186: UserThemeHandler->act( …1 arg… ) system/index.php line 193: Controller::dispatch_request( ) index.php line 21: require( …1 arg… )

Forward X11 over SSH after you su

Date

Time

Tags

Reverse SSH forwarding

Date

Time

Tags

Situation 1: Port Forwarding

Situation 2: Reverse Port Forwarding

Source

Pages

Archives

Recent Posts

Tags

Tweets

Subscribe