SLUG Mailing List Archives
[SLUG] Re: remote X and firewalls
- To: Slug <slug@xxxxxxxxxxx>
- Subject: [SLUG] Re: remote X and firewalls
- From: Angus Lees <gusl@xxxxxxxxxxxxxxx>
- Date: Wed Oct 25 12:24:37 2000
- User-agent: Mutt/1.0.1i
> The idea is to only let certain users through, not just certain ip addresses.
xauth cookies do this.
in an office/lab environment, the easiest thing to do is use NFS
/home's. then you just make sure DISPLAY is set correctly.
for other places, just setup a simple script that copies the cookie
across, then starts the app. exactly like rstart, except using ssh
rather than rsh/rstartd.
> > redirecting over ssh - probably the most secure. the encryption slows
> > things down a bit.
> Wouldn't the compression options available in ssh make up any slow down?
yes, if the network is your bottleneck. i was thinking of my office here
at work, where the sparc classics don't really have the cpu grunt to
keep the encrypted throughput anywhere near the 10Mb network speed.
over a modem, i would still expect lbxproxy to give ssh compression a
run for its money. best would be lbx over ssh compression, but thats
just getting silly.