On Fri, 24 May 2002, Kyle McDonald wrote: > While all of the things you list below will work. None > of them are needed. X11 will do this on it's own, assuming > that neither machine is blocked/protected by a firewall. > > On the machine you want to run the X client software (the application) > on set your DISPLAY variable to the name of the machine running the > X server software followed by a colon, and the display number on that > machine that you want to display the application on (usually 0 but it > can be other values also.) Something like this: > > export DISPLAY=server.host.com:0 >
Of course this can be done. The problem is that he's doing this over the Internet, an insecure network, and thus is not a recommended option. > Then depending on how that Xserver is configured, you may or may not > need to do the following step. Try it first without doing this. If > it doesn't work then, on the machine running the Xserver, there are > a few things you can try, the easiest of which is to allow the client > application host to connect to the server by running: > > xhost + client.host.org > > Lastly just run your X application: > > xterm& > > Of course there are security issues with anything you do across the internet, > and these instructions were written for ease of use, not security. > > There are more secure ways to allow connections to an Xserver rather than > using 'xhost +'. 'xauth' is a better way, and not much harder but longer to > explain. Marginally better. It still sends everything in the clear once authentication occurs. > > None of the access control mechanisms do any encryption. > > Of the choices listed below, VNC has all the same security issues as > plain X, althought it may have lower bandwidth requirements. I don't > know from the original posters message if bandwidth is a problem. VNC can also be tunneled across SSH. This is probably the best option from a security/bandwidth POV. > > The last two VPN and SSH are basically the same (SSH in effect gives you > a VPN) and both will encrypt all traffic while probably also providing > some element of access control (it really depends on the rest of your setup.) > SSH I beleive does do some compression also. > Not exactly. SSH is only port-forwarding from one host to another. It's not a VPN in the sense that the hosts become part of the same network.
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
