[Wolves] Remote X sessions

James Turner james at turnersoft.co.uk
Fri Nov 28 00:16:13 GMT 2003 

On Thursday 27 Nov 2003 7:37 pm, Peter Oliver wrote:

> 1) From an already running X session:
> Xnest -once -query remotehost :1
>
> 2) From the console:
> X -once -query remotehost :1

A variant which is one of my favourites is:

X -indirect remotehost :1

This version displays a menu (known as a "chooser"), listing the hosts on the 
local network which are running a display manager (xdm, gdm, kdm, etc) and 
are willing to let you log in remotely. You can then click (or double click, 
or whatever) on a host from the menu to proceed to its login prompt.

In the command above, the X server would be started on display :1, and the 
menu itself would be sent over the network from the display manager running 
on remotehost. The last time I checked (admittedly some time ago), xdm and 
gdm both supported choosers, but kdm didn't.

A setup I quite like for "terminal"-type machines is to run the chooser 
locally (and launch the local X server using something like X -indirect 
localhost :0), so that the machine has a self-contained menu for available 
XDMCP hosts which appears once it starts up. (Only designated servers would 
be set up to accept XDMCP other than from localhost, and hence appear on the 
menu).

Finally, there's a "lucky dip" option, which will connect you to the first 
server to respond to the request:

X -broadcast :1

I presume this would be most useful for either testing or in some sort of load 
balancing or failover situatoin.

This all works quite nicely with Cygwin/XFree86 (obtainable from 
http://www.redhat.com/download/cygwin.html) allowing you to run a remote X 
desktop on a Windows machine. (Could this be useful for Aq's wife? The last I 
heard, she'd forced him to switch her machine to Windows 2000!) You can even 
run X applications as free-standing windows (rather buggily at the moment), 
alongside native Windows applications.

> Getting any of this working over SSH is left as an exercise for the
> reader.  I suspect a full-blown VPN would be an easier way to go than SSH
> port-forwarding.

Agreed. To quote from the XDMCP HOWTO in the Linux Documentation Project:

"Using XDMCP is inherently insecure, therefore, most of the distributions 
shipped as it's XDMCP default turned off. If you must use XDMCP, be sure to 
use it only in a trusted networks, such as corporate network within a 
firewall. Unfortunately, XDMCP uses UDP port 177 and TCP port 6000; 
therefore, it is not natively able to use it with SSH. Currently, SSH1 and 
SSH2 are not implemented to securely forward the UDP communication."

Happy hacking!

James

More information about the Wolves mailing list