On 30 Sep 15:02, Chris G wrote:
On Tue, Sep 30, 2008 at 02:56:37PM +0100, Brett Parker wrote:
slloooooooooooooow, forwarding X11 over the interwebs is Really Quite Slow. (And this is coming from the guy that used to run Netscape from a UEA machine over an ssh session over a 33.6k modem... even on ADSL it's "not quick").
Oh yes, it is quite slow, but for a quick one off test of something or for occasional use it works and is more straightforward than port forwarding.
My usual wording for it is "horrendously slow", YMMV :)
Hmm, I've never needed to use ssh -Y, and that does smack of insecurity. If ssh -X doesn't work then the remote system is probably just missing xauth, which is kinda useful for X11 sessions.
I need to use "ssh -Y" when doing this from work to my home system, this is working 'backwards' through a port forwarded pipe already and it was easier to try -Y than to fathom out the authorisation complexities.
/me looks perplexed as to why
1) setup ~/.ssh/config to use a ProxyCommand to set up the tunnel to the second machine in the chain 2) ssh -X themagicconfig
Done!
I tend to use something akin to the following:
=== ~/.ssh/config snippet === Host officeworkstation HostName officeworkstation UserKnownHostsFile ~/.ssh/officeworkstation_known_hosts ProxyCommand ~/bin/proxy-office.sh 10.0.0.100 officeworkstation === end snippet ===
=== ~/bin/proxy-office.sh === #!/bin/bash
dest_ip_addr=$1 dest_hostname=$2
dest_ip=$(host $dest_hostname | awk '{print $4}') if [[ "x$dest_ip" != "x" && "x$dest_ip" == "x$dest_ip_addr" ]]; then nc -q1 $dest_hostname 22 else ssh office_gateway_machine "nc -q1 $dest_hostname 22" fi === end script ===
That then works out if I'm in the office or not, throws the traffic straight over the right connections and because I'm using key based auth (and have ssh-agent running) logs me in neatly. Having needed this "rather a lot" in the last few years, I'd say it was quite handy!
For basic port forwarding, though, where the machine in question is available simply, you can do:
=== ~/.ssh/config snippet === Host placetoconnect HostName ip_or_hostname_of_machine LocalForward 8080 localhost:80 === end snippet ===
Then a simple ssh to placetoconnect will automagically setup the port forwarding for you.
Port forwarding is the easier option here, and, as I said before, can be done with PuTTY for those of a windows using nature.
For longer term use you're probably right, for the odd 'one off' ssh -X is useful.
Mostly ssh -X is useful if you need to run something over a huge dataset and it's a graphical app and the data is remote... but generally at that point I tend to use vncserver4, start the app on that, and, of course, as only ssh is allowed do a portforwarding and connect to the port forwarded vnc.
Cheers,