SSH-X-Forwarding: Determining the Host? - SSH

This is a discussion on SSH-X-Forwarding: Determining the Host? - SSH ; How can one determine the host that an xterm is displayed on, if the xterm was started as follows? user@host$ ssh -X some-machine xterm or user@host$ ssh -Y some-machine xterm The problem, of course, is that $DISPLAY contains "localhost" as ...

+ Reply to Thread
Results 1 to 17 of 17

Thread: SSH-X-Forwarding: Determining the Host?

  1. SSH-X-Forwarding: Determining the Host?

    How can one determine the host that an xterm is displayed on, if the xterm
    was started as follows?

    user@host$ ssh -X some-machine xterm

    or

    user@host$ ssh -Y some-machine xterm

    The problem, of course, is that $DISPLAY contains "localhost" as host,
    and thus not much information. But, I imagine that one can connect
    to port 6000+ on localhost and somehow retrieve the name
    of the host. Any idea?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  2. Re: SSH-X-Forwarding: Determining the Host?

    On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > How can one determine the host that an xterm is displayed on, if the xterm
    > was started as follows?
    >
    > user@host$ ssh -X some-machine xterm
    >
    > or
    >
    > user@host$ ssh -Y some-machine xterm
    >
    > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > and thus not much information. But, I imagine that one can connect
    > to port 6000+ on localhost and somehow retrieve the name
    > of the host.


    In fact I wouldn't be surprised if there was a dedicated general
    purpose tool for that purpose (thus my cross post to comp.windows.x).
    Anyone?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  3. Re: SSH-X-Forwarding: Determining the Host?

    Felix E. Klee wrote:
    >How can one determine the host that an xterm is displayed on, if the xterm
    >was started as follows?
    > user@host$ ssh -X some-machine xterm
    > user@host$ ssh -Y some-machine xterm
    >The problem, of course, is that $DISPLAY contains "localhost" as host,
    >and thus not much information. But, I imagine that one can connect
    >to port 6000+ on localhost and somehow retrieve the name
    >of the host. Any idea?


    My first thought was xdpyinfo, but that doesn't show host, only the actual
    characteristics of the server. This leads me to suspect that this is one of
    those unix-ey questions (like what's the filename of my binary, or how do I
    change my parent's environment) that cannot be answered, and mean the
    wrong problem is being solved.

    In the SSH case, hostname doesn't help you much - there's no reason to
    believe that you can even get to the X host machine from your SSH target,
    let alone connect to it's X server.
    --
    Mark Rafn dagon@dagon.net

  4. Re: SSH-X-Forwarding: Determining the Host?


    If the server is OpenSSH, the environment variable SSH_CLIENT contains the
    IP address of the client host.

    --
    Richard Silverman
    res@qoxp.net


  5. Re: SSH-X-Forwarding: Determining the Host?

    On Mon, 20 Mar 2006 17:28:24 -0500, Richard E. Silverman wrote:
    > If the server is OpenSSH, the environment variable SSH_CLIENT contains
    > the IP address of the client host.


    Thanks: This does the trick. Nevertheless, a more generic solution would
    be nice.

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  6. Re: SSH-X-Forwarding: Determining the Host?

    On Mon, 20 Mar 2006 12:05:42 -0800, Mark Rafn wrote:
    > My first thought was xdpyinfo, but that doesn't show host, only the actual
    > characteristics of the server.


    Perhaps, there's a command in the X protocol that returns the IP of the
    X-server?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  7. Re: SSH-X-Forwarding: Determining the Host?

    >On Mon, 20 Mar 2006 17:28:24 -0500, Richard E. Silverman wrote:
    >> If the server is OpenSSH, the environment variable SSH_CLIENT contains
    >> the IP address of the client host.


    Felix E. Klee wrote:
    >Thanks: This does the trick. Nevertheless, a more generic solution would
    >be nice.


    This does the trick ONLY in the very simple case. If you're chaining more
    than one SSH connection (say you SSH to a firewall host, then SSH from there
    to an inside machine), you'll only get the intermediate machine.

    Both ssh and X do network trickery that makes it very hard to determine what
    "the host" even means in this context. You can have an Xserver on hostA,
    running an xterm from hostB, using ssh from hostB to hostC and again from
    there to hostD. When you run your process on hostD, which answer do you want,
    and why do you care?
    --
    Mark Rafn dagon@dagon.net

  8. Re: SSH-X-Forwarding: Determining the Host?


    Felix E. Klee wrote:
    > On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > > How can one determine the host that an xterm is displayed on, if the xterm
    > > was started as follows?
    > >
    > > user@host$ ssh -X some-machine xterm
    > >
    > > or
    > >
    > > user@host$ ssh -Y some-machine xterm
    > >
    > > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > > and thus not much information. But, I imagine that one can connect
    > > to port 6000+ on localhost and somehow retrieve the name
    > > of the host.

    >
    > In fact I wouldn't be surprised if there was a dedicated general
    > purpose tool for that purpose (thus my cross post to comp.windows.x).
    > Anyone?


    Don't you get a REMOTEHOST environment when you connect using rsh?

    --- Casantos


  9. Re: SSH-X-Forwarding: Determining the Host?


    > Felix E. Klee wrote:
    > > On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > > > How can one determine the host that an xterm is displayed on, if the xterm
    > > > was started as follows?
    > > >
    > > > user@host$ ssh -X some-machine xterm
    > > >
    > > > or
    > > >
    > > > user@host$ ssh -Y some-machine xterm
    > > >
    > > > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > > > and thus not much information. But, I imagine that one can connect
    > > > to port 6000+ on localhost and somehow retrieve the name
    > > > of the host.

    > >
    > > In fact I wouldn't be surprised if there was a dedicated general
    > > purpose tool for that purpose (thus my cross post to comp.windows.x).
    > > Anyone?

    >
    > Don't you get a REMOTEHOST environment when you connect using rsh?
    >
    > --- Casantos


    This is a joke, right?

    (says Richard, posting to comp.security.SSH)

    --
    Richard Silverman
    res@qoxp.net


  10. Re: SSH-X-Forwarding: Determining the Host?

    On Tue, 21 Mar 2006 17:36:34 -0800, nojunk wrote:

    >
    > Felix E. Klee wrote:
    >> On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    >> > How can one determine the host that an xterm is displayed on, if the
    >> > xterm was started as follows?
    >> >
    >> > user@host$ ssh -X some-machine xterm
    >> >
    >> > or
    >> >
    >> > user@host$ ssh -Y some-machine xterm
    >> >
    >> > The problem, of course, is that $DISPLAY contains "localhost" as host,
    >> > and thus not much information. But, I imagine that one can connect to
    >> > port 6000+ on localhost and somehow retrieve the name
    >> > of the host.

    >>
    >> In fact I wouldn't be surprised if there was a dedicated general purpose
    >> tool for that purpose (thus my cross post to comp.windows.x). Anyone?

    >
    > Don't you get a REMOTEHOST environment when you connect using rsh?


    Rsh? Who uses rsh anymore? :-)

    I do see an SSH_CONNECTION environment variable; it has four tokens:

    from host (IP addr)
    from port (numeric)
    to host (IP addr)
    to port (numeric; usually 22)

    This might be enough information for your purposes. There's also an
    SSH_CLIENT (three tokens: fromhost, fromport, toport) and SSH_TTY (which
    is the slave side of the pty, presumably; the 'tty' command reports the
    same value).

    SSH_CONNECTION is documented in my ssh(1) manpage; the other two are not.

    Note that sshd also pays attention (at least on my Gentoo system; it may
    depend on how it's built) to /etc/hosts.allow and /etc/hosts.deny, if any
    interlopers are trying to get cute out there. (There's an idiot or two
    out there who tries all sorts of usernames.)

    As for DISPLAY on a ssh -XY, it is usually localhost:10 (or :11 or :12 or
    ....), with sshd handling the proxying semi-transparently. (I say semi
    because attempts at using extensions such as OpenGL run into problems. :-) )

    >
    > --- Casantos


    --
    #191, ewill3@earthlink.net
    It's still legal to go .sigless.


  11. Re: SSH-X-Forwarding: Determining the Host?

    On Wed, 22 Mar 2006 05:02:41 +0000, The Ghost In The Machine wrote:
    > SSH_CLIENT (three tokens: fromhost, fromport, toport)


    Thanks, we already have been told by someone else that this env. variable
    could be the key, and it is.

    Nevertheless, I'd like to know: Is there *no* command in the X
    protocol that returns the IP of the X server?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  12. Re: SSH-X-Forwarding: Determining the Host?

    On Tue, 21 Mar 2006 10:13:52 -0800, Mark Rafn wrote:
    >>Thanks: This does the trick. Nevertheless, a more generic solution
    >>would be nice.

    >
    > This does the trick ONLY in the very simple case.


    It does the trick in all of *our* cases, AFAICS.

    > If you're chaining more than one SSH connection (say you SSH to a
    > firewall host, then SSH from there to an inside machine), you'll only
    > get the intermediate machine.


    No chaining in our case.

    > Both ssh and X do network trickery that makes it very hard to determine
    > what "the host" even means in this context. You can have an Xserver on
    > hostA, running an xterm from hostB, using ssh from hostB to hostC and
    > again from there to hostD. When you run your process on hostD, which
    > answer do you want, and why do you care?


    I want the IP of the X server where the application is displayed. This
    should be unambiguous, eh?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  13. Re: SSH-X-Forwarding: Determining the Host?

    >>>>> "FEK" == Felix E Klee writes:

    FEK> Nevertheless, I'd like to know: Is there *no* command in the X
    FEK> protocol that returns the IP of the X server?

    Take a look at the protocol, but I don't believe so. If I'm wrong, I sure
    someone on comp.windows.x will correct me. After all, if you have a TCP
    connection to something, you should already know its address; and if you
    don't (because you were handed the socket from somewhere else), then you
    use getpeername().

    It's not X Window's fault that you're using NAT, proxying, forwarding, or
    some other technique that obscures the ultimate origin of the connection.

    --
    Richard Silverman
    res@qoxp.net


  14. Re: SSH-X-Forwarding: Determining the Host?


    Richard E. Silverman wrote:
    > >
    > > Don't you get a REMOTEHOST environment when you connect using rsh?
    > >
    > > --- Casantos

    >
    > This is a joke, right?


    Sorry, I meant "ssh", of course. Fast fingers, slow brain.

    --- Casantos


  15. Re: SSH-X-Forwarding: Determining the Host?

    On 2006-03-22, Felix E. Klee wrote:
    > I want the IP of the X server where the application is displayed. This
    > should be unambiguous, eh?


    Usually but not necessarily. X supports multiple displays per host
    (those are the digits after the host in $DISPLAY that are usually 0.0)
    and it supports transports other than TCP (eg DECnet, Unix domain sockets)
    so there may not even be an associated IP address.

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  16. Re: SSH-X-Forwarding: Determining the Host?

    On Thu, 23 Mar 2006 11:21:58 +0000, Darren Tucker wrote:
    >> I want the IP of the X server where the application is displayed. This
    >> should be unambiguous, eh?

    >
    > Usually but not necessarily. X supports multiple displays per host
    > (those are the digits after the host in $DISPLAY that are usually 0.0)


    Why should this matter if I only want to know the IP of the machine that
    the X server runs on?

    > and it supports transports other than TCP (eg DECnet, Unix domain sockets)
    > so there may not even be an associated IP address.


    Whatever transport is used, the machine that the X Server runs may have an
    IP address. In our case it alway does. And if it doesn't, the (X
    protocol) command that I'm looking after could return an error message or
    simply be unavailable.

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  17. Re: SSH-X-Forwarding: Determining the Host?

    On Wed, 22 Mar 2006 11:40:41 -0500, Richard E. Silverman wrote:

    >> [quoted text muted]

    >
    > FEK> Nevertheless, I'd like to know: Is there *no* command in the X
    > FEK> protocol that returns the IP of the X server?
    >
    > Take a look at the protocol, but I don't believe so. If I'm wrong, I sure
    > someone on comp.windows.x will correct me. After all, if you have a TCP
    > connection to something, you should already know its address; and if you
    > don't (because you were handed the socket from somewhere else), then you
    > use getpeername().
    >
    > It's not X Window's fault that you're using NAT, proxying, forwarding, or
    > some other technique that obscures the ultimate origin of the connection.


    getpeername() might be of some assistance; however, in the case of a
    proxied SSH/X connection, all one will get is the socket sshd is hanging
    out.

    Also, there's a more general problem. A multihomed machine has multiple
    IP addresses; which one should it use? Even a single machine that's
    simultaneously on a local LAN and talking to the Internet through a dialup
    line has 3 IP addresses: localhost (the lo interface), the LAN address
    (typically 192.168.1.x on eth0), and whatever IP address is assigned to
    the dialup line by the other end (on the ppp0 interface).

    This means that, were X on such a box to answer the question correctly,
    one might get one of 4 answers, depending on how one connects and which
    interface one uses to connect to the server. (The fourth is a local Unix
    socket, which is a pathname somewhat akin to a pipe: sockaddr_un/AF_UNIX
    versus sockaddr_in/AF_INET.)

    --
    #191, ewill3@earthlink.net
    It's still legal to go .sigless.


+ Reply to Thread