RE: [MLUG] Remote X for Bengal HOWTO

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "MLUG Members" <EMAIL:PROTECTED>
Subject: RE: [MLUG] Remote X for Bengal HOWTO
From: "Robb III, George B." <EMAIL:PROTECTED>
Date: Wed, 8 Sep 2004 11:32:33 -0500
Reply-to: MLUG Members <EMAIL:PROTECTED>
Sender: EMAIL:PROTECTED
Thread-index: AcSVwMDwd2/pxt96Sc6e9eEMwcmfoQAAD7Iw
Thread-topic: [MLUG] Remote X for Bengal HOWTO

Just a suggestion...  

But, should we have tried this on the MLUG box of power before we decide
to run Mozilla in our Virtual X environment off of Bengal...  Or at
least contacted a Bengal sys admin?   

It seems to me that it may hog a few more resources on Bengal than are
available... And the last thing that MLUG needs is a campus *nix admin
pissed...

George

-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED] On Behalf Of Mark Rages
Sent: Wednesday, September 08, 2004 11:27 AM
To: MLUG Members
Subject: [MLUG] Remote X for Bengal HOWTO

On Tue, Sep 07, 2004 at 12:34:50PM -0500, Christian M. Cepel wrote:
> I just wasted a night trying to figure out how to run an X app my wife

> has used before, which exists in bengal, and has successfully run for 
> her CECS365 (I think) class using the SGIs in ebw.

OK, I figured a way.  I wrote two scripts to use:

First, log into Bengal.  This script will install an xterm for you.  I 
just copied the one from my Fedora box:

#!/bin/sh
echo "This script downloads and installs an xterm for Bengal use"

BINDIR=~/bin
XTERM=xterm

mkdir -p $BINDIR
cd $BINDIR
wget http://mlug.missouri.edu/~markrages/xterm
chmod +x xterm

grep $BINDIR ~/.tcshrc >/dev/null || \
( echo "setenv PATH \${PATH}:$BINDIR" >> ~/.tcshrc && \
  \
  echo "Run this command and xterm installation will be complete:" && \
  echo "source ~/.tcshrc ; rehash" )

echo "Done"

# END SCRIPT

Now, log out.

Run this script to open an xterm on Bengal:

#!/bin/sh
BENGAL_UID=abc123

OFFSET=$(( 10 + `date +%S` ))

echo "Allowing connections from localhost."
xhost +127.0.0.1

exec ssh -R$(( 6000 + $OFFSET )):127.0.0.1:6000 
EMAIL:PROTECTED "xterm -display 127.0.0.1:$OFFSET"

echo "Disallowing connections from localhost."
xhost -127.0.0.1

# END SCRIPT

Notice the Bengal userid is hardcoded in the second line.  Adjust 
appropriately.

Now this second script has huge limitations:

1) the port on Bengal may be in use.  I semi-randomly choose a screen 
between 10 and 70 based on the seconds of the wall clock.

2) The script opens your local X session to any user on the local host.

Any user on the local computer could look at your window or read your 
keystrokes.  This is no better security than a Windows user would have. 
I messed around with xauth to try to do this properly, but what a mess!

3) The script closes your local X session after it's done.  Maybe you 
*wanted* it to be open.

4) The script should really send off an email to Bengal support each
time it runs, asking them to fix X tunneling properly.  I mean, making
users' lives difficult often results in decreased security, whether it
is forcing password changes (which results in
sticky-notes-on-the-monitor) or in unskilled hacks like this script.

Regards,
Mark
EMAIL:PROTECTED
-- 
You think that it is a secret, but it never has been one.
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

Follow-Ups:
- Re: [MLUG] Remote X for Bengal HOWTO
  - From: Mark Rages <EMAIL:PROTECTED>

Prev by Date: Re: [MLUG] Help with Remote X for Bengal.
Next by Date: [MLUG] Postfix and STARTTLS on 587
Previous by thread: Re: [MLUG] appache problems
Next by thread: Re: [MLUG] Remote X for Bengal HOWTO
Index(es):
- Date
- Thread