[Fwd: Re: x2x]

[Chris]

Paul Lussier wrote:
> Derek Martin <invalid at pizzashack.org> writes:
> 
> 
>>That means if you type a password on the local machine,
>>destined for an input box on the remote machine's display, it travels
>>over the network unencrypted.  That's bad.  So, I want to run x2x over
>>an encrypted tunnel.  It can be done with ssh, but figuring out how is
>>a little brain-twisting.  
> 
> 
> Another solution to this problem would be to establish an IPSec SA
> between all the machines in question.  With that, there's no need for
> ssh at all, not need for X forwarding, etc.  Just run x2x however you
> want.  Of course, this means that you need to futz with IPSec, which
> is no trivial matter, but once it's established, you really don't even
> need to bother with ssh at all for this type of thing.
> 
Another possibility which I had to implement at work because of port
blocking is as follows...

use the -L or -R options on ssh to forward local ports to a remote host.

on my Linux system at home, I forward incoming traffic on one port to
another port on a local system using this syntax:

ssh -G -C -L incomingport:internal_host:listeningport localhost

which basically says anything coming on the ssh tunnel targeted for this
host and the incoming port, should be redirected to listeningport @
internal_host

the -C specifies compression, and the -G allows remote hosts to connect
to local ports.

-- 
IBA #15631


-- 
IBA #15631