Yes it works for Xwindows apps if the ssh program
and sshd program are configured for it....
I have a openbsd server - (native support of openssh)
I configured it to allow Xwindows to go through it
excerpt from /etc/sshd_config
"............
# This is ssh server systemwide configuration file.
Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for
RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
...................."
On a MSwindows platform I can start an Xsession with
an application like X-WinPro ($99)
Then I can launch a program to make the ssh connection.
ssh.com has one for about $100 I think and it supports ssh ver 2
but I use the freeware (only ssh ver 1 unfortunately) called tssh.exe
I have to make sure my tssh application has display X11 remote
applications set (dialog window under EDIT-SSH_FORWARDING for setting
other apps on other ports). I make an ssh connection and login
THEN If I want to make sure all is well
echo $DISPLAY
and you should see something like a proxy for the head...
xxx.xxx.xxx.xxx:10.0 where xxx.xxx.xxx.xxx is address of the sshd
server not the xserver on say the workstaion.
DONT set the DISPLAY and watch out for "su -"
and changing DISPLAY because the openssh server set it I think...
Now run an xprogram like xterm
and it tunnels through the connection, and if I do some "ps"
commands or "top" on the unix server I can see the activity and
note that it is going through ssh
- note if you are not carefull you could send an x program
without encryption, was doing that on my redhat when I set the $DISPLAY
myself instead of configureing X11Forwarding for the ssh
server .... oops...
Hope that helps...
-paul
On Fri, 15 Sep 2000, Soul Fire wrote:
> Thanks for the direction. I know that openssh would replace the need for telnet
>right off the
bat but does it allow for other apps to ride over the encrypted stream as well?
>
> s0ulfire
>
>
>
> -----Original Message-----
> From: Sean Walker [EMAIL PROTECTED]
> Sent: Fri, 15 Sep 2000 09:12:20 -0700
> To: [EMAIL PROTECTED]
> Subject: RE: Apps over SSL
>
>
> Try the openssh project. I believe that this uses openssl as the backbone
> for a telnet session (encrypted rsh, rcp). I've been using this for some
> time now and love it. Check out http://www.openssh.com/ for info. It is an
> org, but the .org name was already taken.
>
> Sean Walker
> www.SurfMy.Net
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Soul Fire
> > Sent: Friday, September 15, 2000 8:44 AM
> > To: [EMAIL PROTECTED]
> > Subject: Apps over SSL
> >
> >
> > Hello folks,
> > I am trying to get applications e.g. telnet to run over
> > SSL. However, I am not quite sure on how to go about
> > accomplishing this. I am able to setup SSL connections
> > between a home grown client and the sample HTTP server
> > provided in the distribution - coded in Perl.
> >
> > Any ideas?
> >
> > Appreciate your help.
> >
> > Regards,
> >
> > s0ulfire
> > ______________________________________________________________
> > _____________
> > Visit http://www.visto.com/info, your free web-based
> > communications center.
> > Visto.com. Life on the Dot.
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
>
>
> ___________________________________________________________________________
> Visit http://www.visto.com/info, your free web-based communications center.
> Visto.com. Life on the Dot.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
