DaemonForums  

  #1   (View Single Post)  
Old 6th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default ssh/rdesktop into host behind NAT

Hello,

My home network is a DSL dynamic IP setup with a gateway router that uses NAT to allow multiple hosts on the one dynamic IP.

What I want to be able to do is to ssh/rdesktop from my laptop into my desktop. I can remote in just fine when the laptop is on that network, but I want to be able to do so when I'm at the University. I obviously can't just use the private IP address when I'm not in the network, but am uncertain of how I can set this up.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #2   (View Single Post)  
Old 6th January 2009
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

If you can SSH into the gateway box, then it's a simple matter of using SSH port forwarding:
Code:
ssh -L 3389:<private IP of box>:3389 <ip of gateway>

Then point rdesktop at localhost, and it will connect to <private IP of box> via the SSH connection.

If you can't SSH into the gateway box (or any box behind the firewall), then you have to enable port forwarding on the gateway. How you do that, depends on the gateway.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
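
An added example, not part of phoenix's post or of any project's code: the `ssh -L` forward from post #2, wrapped so the listener binds to loopback only and the tunnel is closed when the client exits. The function names and `SSH_BIN` are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. SSH_BIN exists so a stub can stand in
# for ssh; the function names are this example's own.
SSH_BIN=${SSH_BIN:-ssh}

# is_port N: integer 1..65535 (at most 5 digits, so the comparison cannot overflow).
is_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# is_hostish S: letters, digits, ".", "_", "-", and "@" for user@host.
# A leading "-" is refused so the value can never be parsed as an ssh option.
is_hostish() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9.@_-]*) return 1 ;;
    esac
    return 0
}

# with_tunnel LOCAL_PORT TARGET TARGET_PORT GATEWAY CLIENT [ARGS...]
# Opens the forward, runs CLIENT, closes the forward when CLIENT exits.
# Returns CLIENT's status, 2 for rejected input, 3 if the tunnel did not start.
with_tunnel() {
    [ $# -ge 5 ] || { echo "with_tunnel: need 5 or more arguments" >&2; return 2; }
    is_port "$1" && is_port "$3" || { echo "with_tunnel: bad port" >&2; return 2; }
    is_hostish "$2" && is_hostish "$4" || { echo "with_tunnel: bad host" >&2; return 2; }
    wt_fwd="127.0.0.1:$1:$2:$3"      # loopback only: others on the LAN cannot use it
    wt_gw=$4
    shift 4
    wt_dir=$(mktemp -d) || return 3  # private (0700) directory for the control socket
    wt_rc=3
    # -f -N: go to background after authentication, run no remote command.
    # -M -S: control socket, used below to stop exactly this connection.
    # ExitOnForwardFailure: give up if the local port cannot be bound.
    if "$SSH_BIN" -f -N -M -S "$wt_dir/ctl" -o ExitOnForwardFailure=yes \
            -L "$wt_fwd" "$wt_gw"; then
        wt_rc=0
        "$@" || wt_rc=$?
        "$SSH_BIN" -S "$wt_dir/ctl" -O exit "$wt_gw" 2>/dev/null || :
    fi
    rm -rf "$wt_dir"
    return "$wt_rc"
}

# Usage with the placeholders from post #2:
#   sh tunnel.sh 3389 <private IP of box> 3389 <ip of gateway> rdesktop localhost
if [ $# -ge 5 ]; then
    with_tunnel "$@"
fi
```

The client has to run on the laptop, outside the SSH login shell, because the forwarded port exists only on the machine where `ssh -L` was started.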
  #3   (View Single Post)  
Old 6th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Cool! I'm halfway there. I can ssh into the host box. I had to modify the firewall on the gateway -- it didn't let anything past -- now ssh (only) can pass.

So I'm ssh'd in and I can work on the console, but when I tried to rdesktop localhost it gave me ERROR: cannot open display:

Am I missing something? A configuration or an option I missed?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #4   (View Single Post)  
Old 7th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

O.K. - I found I needed to allow X11Forwarding

So I added that to the sshd config and used -X option for the ssh. That takes care of the cannot open display error.

Now, I get ERROR: connect: Connection refused

I've tried localhost, localhost:3389, rdesktop to a different user than I ssh'd into with. Nothing.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #5   (View Single Post)  
Old 7th January 2009
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

Are you trying to connect to the same host you SSH into, or to a second host? rdesktop only works to connect to Windows stations.

Can you draw a simple diagram of how the systems are laid out? Like:
Code:
laptop ---> Internet --> router --> host1 --> host2
where laptop runs FreeBSD, host1 runs FreeBSD, host2 runs Windows, etc.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
  #6   (View Single Post)  
Old 7th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by phoenix View Post
Are you trying to connect to the same host you SSH into, or to a second host? rdesktop only works to connect to Windows stations.

Can you draw a simple diagram of how the systems are laid out? Like:
Code:
laptop ---> Internet --> router --> host1 --> host2
where laptop runs FreeBSD, host1 runs FreeBSD, host2 runs Windows, etc.
No Windows involved.


Code:
Laptop (NetBSD) ---> Internet ---> router/gateway ---> Desktop (Slackware)
-- or if at home --

Code:
Internet ---> [router/gateway] ---> Desktop (Slackware)
                    |
                    |
                     -------------> Laptop (NetBSD)

I want to control the Desktop from the Laptop. Besides just raw running, I'd like to be able to tunnel audio from the Desktop to the Laptop, and if possible be able to open a local file from the remote machine -- in particular, be able to load a CD/DVD on the Laptop and be able to read it on the Desktop.

I can ssh into the Desktop and I can even run X programs through ssh. I can't figure out how to pipe sound or open local files with remote programs.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #7   (View Single Post)  
Old 7th January 2009
KlaymenDK KlaymenDK is offline
New User
 
Join Date: Jan 2009
Posts: 8
Default

Just a hunch, but you may need to add your login name to /etc/ssh/sshd_config:
Code:
AllowUsers me you
#allows clients to log in only as the local users me or you
That is, if you still have the "Connection refused" problem. That's what I needed to do, at least (on FreeBSD 6).
__________________
KlaymenDK
-- 010\001\111 --
Reply With Quote
  #8   (View Single Post)  
Old 7th January 2009
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

Okay, your use of "rdesktop" threw me for a loop, as rdesktop is only used for connecting to Windows stations, and works really well in conjunction with "ssh -L".

But, to connect to a Unix station, and to run X11 apps remotely, that's a totally different scenario.

Two options, depending on how much of the Slackware desktop screen you want to see:
1. ssh -X to the Slackware box. Then run X11 programs from the command-line, and they'll appear on your local screen (laptop). However, as the apps are actually running on the Slackware box, they will only have access to the files on the Slackware box.

2. Install and configure x11vnc on the Slackware box. Use that as the main X server. Then use ssh -X to the Slackware box. Run "vncviewer localhost" and your Slackware desktop will appear on your laptop. However, again, as the apps are running on the desktop, you can only access files on the desktop. (This is the setup we use in our schools, so that teachers/IT staff can connect to any station for troubleshooting and monitoring.)

AFAIK, none of the Unix VNC clients/servers support file transfers, sound redirection, or print redirection.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
  #9   (View Single Post)  
Old 8th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by phoenix View Post
Okay, your use of "rdesktop" threw me for a loop, as rdesktop is only used for connecting to Windows stations, and works really well in conjunction with "ssh -L".
Sorry. Until last night, I really thought rdesktop worked for logging into Linux/Unix boxes. In retrospect, I can see that I've only used rdesktop for logging into Windows servers and hosts and VNC once or twice with Ubuntu. And I made a faulty assumption.


Quote:
Originally Posted by phoenix View Post
Two options, depending on how much of the Slackware desktop screen you want to see:
1. ssh -X to the Slackware box. Then run X11 programs from the command-line, and they'll appear on your local screen (laptop). However, as the apps are actually running on the Slackware box, they will only have access to the files on the Slackware box.
I've gotten this far. It works for most of what I need. I can always use scp or something similar to upload and download files as needed -- it's just an extra step.


Quote:
Originally Posted by phoenix View Post
2. Install and configure x11vnc on the Slackware box. Use that as the main X server. Then use ssh -X to the Slackware box. Run "vncviewer localhost" and your Slackware desktop will appear on your laptop. However, again, as the apps are running on the desktop, you can only access files on the desktop. (This is the setup we use in our schools, so that teachers/IT staff can connect to any station for troubleshooting and monitoring.)
I don't think I need a full-fledged desktop in this scenario. I did, however, make a half-hearted attempt to configure TightVNC last night -- without success (not that I'm surprised given my lack of effort in this regard).


Quote:
Originally Posted by phoenix View Post
AFAIK, none of the Unix VNC clients/servers support file transfers, sound redirection, or print redirection.
I'm not sure what I'll do with printing. Setting up printing always seems to be last on my list.

For sound, I can listen to mp3 files from the remote host locally. If I really wanted to, I could setup some sort of streaming audio server, too. But, that's not what I'm looking for.

Here is the scenario: I ssh -X into the desktop. I open up xine on the desktop to view a video displayed on the laptop (file/disc is stored on desktop). The video comes through, but the sound doesn't. That video makes it and sound doesn't seems illogical to me, but it is the situation. I can't figure out how, or even if, I can get the sound to make the journey?




Two more questions:

1) If I ssh -X into the desktop and open up firefox and go to a secure site, will that be as secure as if I browsed from the desktop without the ssh connection (as if I'm sitting there)? I think I know the answer, but I want to verify.


2) Someone mentioned on a site I was looking at that they update (I think he said with cron) a website every 30 minutes with the current IP address. How could I do that with a cron job (or something comparable) so that the IP address of the DSL modem will update a webpage so that I can know the address to ssh to no matter where I am?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 8th January 2009
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

Quote:
Originally Posted by JMJ_coder View Post
The video comes through, but the sound doesn't. That video makes it and sound doesn't seems illogical to me, but it is the situation. I can't figure out how, or even if, I can get the sound to make the journey?
I may be wrong, but I think I'm right.... so anyone feel free to correct me if it's the latter, rather than the former.


If you recall whatever you should have read about how the X Windows System works, you have an X Server that handles the display of X Clients on a given $DISPLAY. When my laptop's keyboard went belly up, I tried virtually everything :\. One task was hooking up my laptop, and tunneling X over SSH to an X Server running on the Windows machine. Because the server was on the Windows machine, the Windows machine needs the graphics card - because all of the rendering is done on the boxen with the X Server running (or $DISPLAY, if you want to think of it that way, but that wouldn't be true). Likewise the programs are actually being executed from the remote host, where they are installed; in my case it was on the FreeBSD machine. I don't know the protocol very well (and am no Jamie Zawinski either!), but look at it this way:
  • X is about graphics for the most part.
  • Video requires rendering images on the user's $DISPLAY by the X Server managing that $DISPLAY, and doing it at a suitable "frame rate".
  • Sound is an Operating System specific feature and has nothing to do with graphics.
  • If the machine doing the graphics rendering needs the graphics card, wouldn't it make sense if the machine doing the audio playback needed the sound card?


At least, that is as much as I can offer without more time to learn and cash for hardware. So the only way around it is a network mount of the files and running a program locally to play it, afaik.






Quote:
Originally Posted by JMJ_coder View Post
2) Someone mentioned on a site I was looking at that they update (I think he said with cron) a website every 30 minutes with the current IP address. How could I do that with a cron job (or something comparable) so that the IP address of the DSL modem will update a webpage so that I can know the address to ssh to no matter where I am?
That I can't really help with outside of taking a guess, that you mean go to website, get IP that has been updated via cron; then feed that into SSH (sounds like a job for scripting). On related notes, you might also like to take a look at something like: http://www.dyndns.com/ and http://en.wikipedia.org/wiki/Dynamic_DNS
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
Old 10th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by TerryP View Post
I may be wrong, but I think I'm right.... so anyone feel free to correct me if it's the latter, rather than the former.


If you recall whatever you should have read about how the X Windows System works, you have an X Server that handles the display of X Clients on a given $DISPLAY. When my laptop's keyboard went belly up, I tried virtually everything :\. One task was hooking up my laptop, and tunneling X over SSH to an X Server running on the Windows machine. Because the server was on the Windows machine, the Windows machine needs the graphics card - because all of the rendering is done on the boxen with the X Server running (or $DISPLAY, if you want to think of it that way, but that wouldn't be true). Likewise the programs are actually being executed from the remote host, where they are installed; in my case it was on the FreeBSD machine. I don't know the protocol very well (and am no Jamie Zawinski either!), but look at it this way:
  • X is about graphics for the most part.
  • Video requires rendering images on the user's $DISPLAY by the X Server managing that $DISPLAY, and doing it at a suitable "frame rate".
  • Sound is an Operating System specific feature and has nothing to do with graphics.
  • If the machine doing the graphics rendering needs the graphics card, wouldn't it make sense if the machine doing the audio playback needed the sound card?


At least, that is as much as I can offer without more time to learn and cash for hardware. So the only way around it is a network mount of the files and running a program locally to play it, afaik.
I have pored over the internet trying to find solutions. The basic answer is that ssh doesn't forward sound. But, you can set up a client/server scenario and tunnel that through ssh for sound. But, there is no BSD UNIX solution to this that I found. It is all for Windows<->Linux and Linux<->Linux -- i.e., using Jack, ESD, etc.


I realize that X and sound are two different subsystems, but my objection is if you can forward one, why cannot you forward the other? (this is a question/complaint directed toward the ssh people and not you guys)
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 10th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by TerryP View Post
That I can't really help with outside of taking a guess, that you mean go to website, get IP that has been updated via cron; then feed that into SSH (sounds like a job for scripting). On related notes, you might also like to take a look at something like: http://www.dyndns.com/ and http://en.wikipedia.org/wiki/Dynamic_DNS
Yes, that's about it. Let's forget the part of getting the updated IP off the web and plugging it into SSH for now (that I can pretty much handle).

I'm looking for how to use a cron job to figure out the current IP address, and then update, say, an HTML link on a webpage.

I don't think that dynamic DNS would work because there is no domain name associated with it.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 10th January 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

@JMJ, X was based originally for networked graphics.. multiple X terminals (dedicated hardware) would connect to a fast Unix server.

Sound was never in the equation.. and historically, there have been several sound APIs for Unix systems, Sun Audio and OSS being the most popular of course. (Neither are network aware..)

Due to the nature of sound.. it's been more of a "localized" thing, traditionally not networked.. but it has been done.

You already mentioned the programs by name.. ESD(Esound) and Jack both support this.

A little off topic.. but is that religious quotation really necessary in your signature? in red? it's most surely going to offend someone.
Reply With Quote
Old 10th January 2009
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,027
Default

Quote:
Originally Posted by JMJ_coder View Post
I don't think that dynamic DNS would work because there is no domain name associated with it.
It's true the hostname supplied by the ISP (if they do (which they should)) will be as dynamic as the IP address. However, that doesn't matter as you don't need to use it. With DynDNS (and the like) you can pick your own static hostname (i.e., the name doesn't change). Something like myhostname.dyndns.org . Then the IP address associated with this name is changed dynamically by you. So when you look up that hostname you'll get the current IP that you've assigned to it.

E.g., you could run a cron job on the machine in question to check its own IP every 10 minutes, say, and if it has changed since last time, then it runs a program to update the IP address that is associated with myhostname.dyndns.org on the DynDNS servers.
Reply With Quote
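
An added example, not code from the thread or from DynDNS: one way to write the cron job described above, which checks the address, validates it, and calls the updater only when it has changed. `IP_LOOKUP_CMD`, `UPDATE_CMD` and `STATE_FILE` are placeholders of this example, and the 203.0.113.x address is a constructed value.

```shell
#!/bin/sh
# Added example, not from the thread. IP_LOOKUP_CMD prints the current public
# address; UPDATE_CMD is the provider's updater and receives the address as $1.
# Both are placeholders you supply; 203.0.113.x below is a constructed value.
STATE_FILE=${STATE_FILE:-"$HOME/.ddns-last-ip"}

# The lookup answer is untrusted input (error page, captive portal, junk).
# Accept only a strict dotted quad that is not unspecified, private,
# loopback or link-local.
valid_public_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    vp_ifs=$IFS; IFS=.
    set -- $1
    IFS=$vp_ifs
    [ $# -eq 4 ] || return 1
    for vp_o in "$@"; do
        case "$vp_o" in 0?*|????*) return 1 ;; esac   # no leading zero, max 3 digits
        [ "$vp_o" -le 255 ] || return 1
    done
    case "$1.$2" in
        0.*|10.*|127.*|169.254|192.168) return 1 ;;
        172.1[6-9]|172.2[0-9]|172.3[01]) return 1 ;;
    esac
    return 0
}

# Returns 0 if the record is current (unchanged, or updated just now),
# 1 if the lookup answer was rejected, 2 if the updater failed.
check_and_update() {
    cu_new=$(sh -c "$IP_LOOKUP_CMD" 2>/dev/null | head -n 1 | tr -d '\r') || cu_new=''
    if ! valid_public_ipv4 "$cu_new"; then
        echo "ddns: lookup answer rejected, record left alone" >&2
        return 1
    fi
    cu_old=''
    [ -f "$STATE_FILE" ] && cu_old=$(cat "$STATE_FILE")
    [ "$cu_new" = "$cu_old" ] && return 0     # unchanged: no call to the provider
    # The address is passed as an argument, never pasted into the command string.
    sh -c "$UPDATE_CMD" ddns-update "$cu_new" || return 2
    # Remember the address only after a successful update; atomic write, mode 0600.
    ( umask 077 && printf '%s\n' "$cu_new" > "$STATE_FILE.tmp" ) &&
        mv "$STATE_FILE.tmp" "$STATE_FILE"
}

# Crontab entry for a check every 10 minutes, with both variables set in the
# crontab's environment (the path is a placeholder):
#   */10 * * * * /path/to/ddns-check.sh
if [ -n "${IP_LOOKUP_CMD:-}" ] && [ -n "${UPDATE_CMD:-}" ]; then
    check_and_update
else
    # Not configured: offline demo with constructed values.
    STATE_FILE=$(mktemp)
    IP_LOOKUP_CMD='echo 203.0.113.7'
    UPDATE_CMD='echo "updater called with $1"'
    check_and_update    # address differs from the empty state file: updater runs
    check_and_update    # unchanged: silent
    rm -f "$STATE_FILE"
fi
```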
Old 10th January 2009
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,027
Default

Quote:
Originally Posted by JMJ_coder View Post
The basic answer is that ssh doesn't forward sound.
I guess it's one thing to forward a TCP/IP port, and quite another to forward any arbitrary device /dev/??? . If you want to forward /dev/audio*, how about /dev/mouse? Or a hard disk?
Reply With Quote
Old 11th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by BSDfan666 View Post
@JMJ, X was based originally for networked graphics.. multiple X terminals (dedicated hardware) would connect to a fast Unix server.

Sound was never in the equation.. and historically, there have been several sound APIs for Unix systems, Sun Audio and OSS being the most popular of course. (Neither are network aware..)

Due to the nature of sound.. it's been more of a "localized" thing, traditionally not networked.. but it has been done.

You already mentioned the programs by name.. ESD(Esound) and Jack both support this.
I can understand the historical why not, I'm just lamenting the why not (I'll get over it). Again, the complaint isn't directed to anyone here (unless you are part of the OpenSSH development team!)



Quote:
Originally Posted by BSDfan666 View Post
A little off topic.. but is that religious quotation really necessary in your signature? in red? it's most surely going to offend someone.
It certainly isn't meant to offend. The quote is from the troparion for Christmas day according to the Byzantine rite and I switched from the kontakion because it has more to do with the Magi, which was celebrated on January 6. It is in red because it is Christmas (red is a Christmas color). In Advent, the signature was in purple. I just can't help but to proclaim the glorious message.

It is a little off-topic, but if you want to start a new thread I'd be happy to continue discussion.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 11th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by JMJ_coder View Post
I've gotten this far. It works for most of what I need. I can always use scp or something similar to upload and download files as needed -- it's just an extra step.
Stupid router!!! I wish they would stop making such idiotic "consumer" electronic products. I tried to scp, but since it establishes a connection on both ends, the router wouldn't allow it -- only one computer per port. It cannot be changed. This thing has to have definitely come out of Redmond.

I'm going to have to change port assignments for my ssh connections (not a bad security step anyways). At least the stupid router allows me to custom create a forward definition, so at least I can create another ssh definition to use a different port.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 12th January 2009
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

Have a look at NAS, the Network Audio Server. It does for sound what X does for video. The only caveat is that the application has to be NAS-aware. It's available in the ports tree (audio/nas), and most of the more popular apps support it. Even artsd, for KDE3, supports NAS. You may need to reinstall your audio/video apps to enable NAS support.

A quick tutorial is available here.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
Old 13th January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by phoenix View Post
Have a look at NAS, the Network Audio Server. It does for sound what X does for video. The only caveat is that the application has to be NAS-aware. It's available in the ports tree (audio/nas), and most of the more popular apps support it. Even artsd, for KDE3, supports NAS. You may need to reinstall your audio/video apps to enable NAS support.

A quick tutorial is available here.
Thanks, I remember one of the tutorials mentioning it.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick