Re: SSH-X-Forwarding: Determining the Host? - Xwindows

This is a discussion on Re: SSH-X-Forwarding: Determining the Host? - Xwindows ; On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote: > How can one determine the host that an xterm is displayed on, if the xterm > was started as follows? > > user@host$ ssh -X some-machine xterm > ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Re: SSH-X-Forwarding: Determining the Host?

  1. Re: SSH-X-Forwarding: Determining the Host?

    On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > How can one determine the host that an xterm is displayed on, if the xterm
    > was started as follows?
    >
    > user@host$ ssh -X some-machine xterm
    >
    > or
    >
    > user@host$ ssh -Y some-machine xterm
    >
    > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > and thus not much information. But, I imagine that one can connect
    > to port 6000+ on localhost and somehow retrieve the name
    > of the host.


    In fact I wouldn't be surprised if there was a dedicated general
    purpose tool for that purpose (thus my cross post to comp.windows.x).
    Anyone?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  2. Re: SSH-X-Forwarding: Determining the Host?


    Felix E. Klee wrote:
    > On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > > How can one determine the host that an xterm is displayed on, if the xterm
    > > was started as follows?
    > >
    > > user@host$ ssh -X some-machine xterm
    > >
    > > or
    > >
    > > user@host$ ssh -Y some-machine xterm
    > >
    > > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > > and thus not much information. But, I imagine that one can connect
    > > to port 6000+ on localhost and somehow retrieve the name
    > > of the host.

    >
    > In fact I wouldn't be surprised if there was a dedicated general
    > purpose tool for that purpose (thus my cross post to comp.windows.x).
    > Anyone?


    Don't you get a REMOTEHOST environment when you connect using rsh?

    --- Casantos


  3. Re: SSH-X-Forwarding: Determining the Host?


    > Felix E. Klee wrote:
    > > On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    > > > How can one determine the host that an xterm is displayed on, if the xterm
    > > > was started as follows?
    > > >
    > > > user@host$ ssh -X some-machine xterm
    > > >
    > > > or
    > > >
    > > > user@host$ ssh -Y some-machine xterm
    > > >
    > > > The problem, of course, is that $DISPLAY contains "localhost" as host,
    > > > and thus not much information. But, I imagine that one can connect
    > > > to port 6000+ on localhost and somehow retrieve the name
    > > > of the host.

    > >
    > > In fact I wouldn't be surprised if there was a dedicated general
    > > purpose tool for that purpose (thus my cross post to comp.windows.x).
    > > Anyone?

    >
    > Don't you get a REMOTEHOST environment when you connect using rsh?
    >
    > --- Casantos


    This is a joke, right?

    (says Richard, posting to comp.security.SSH)

    --
    Richard Silverman
    res@qoxp.net


  4. Re: SSH-X-Forwarding: Determining the Host?

    On Tue, 21 Mar 2006 17:36:34 -0800, nojunk wrote:

    >
    > Felix E. Klee wrote:
    >> On Mon, 20 Mar 2006 16:40:43 +0100, Felix E. Klee wrote:
    >> > How can one determine the host that an xterm is displayed on, if the
    >> > xterm was started as follows?
    >> >
    >> > user@host$ ssh -X some-machine xterm
    >> >
    >> > or
    >> >
    >> > user@host$ ssh -Y some-machine xterm
    >> >
    >> > The problem, of course, is that $DISPLAY contains "localhost" as host,
    >> > and thus not much information. But, I imagine that one can connect to
    >> > port 6000+ on localhost and somehow retrieve the name
    >> > of the host.

    >>
    >> In fact I wouldn't be surprised if there was a dedicated general purpose
    >> tool for that purpose (thus my cross post to comp.windows.x). Anyone?

    >
    > Don't you get a REMOTEHOST environment when you connect using rsh?


    Rsh? Who uses rsh anymore? :-)

    I do see an SSH_CONNECTION environment variable; it has four tokens:

    from host (IP addr)
    from port (numeric)
    to host (IP addr)
    to port (numeric; usually 22)

    This might be enough information for your purposes. There's also an
    SSH_CLIENT (three tokens: fromhost, fromport, toport) and SSH_TTY (which
    is the slave side of the pty, presumably; the 'tty' command reports the
    same value).

    SSH_CONNECTION is documented in my ssh(1) manpage; the other two are not.

    Note that sshd also pays attention (at least on my Gentoo system; it may
    depend on how it's built) to /etc/hosts.allow and /etc/hosts.deny, if any
    interlopers are trying to get cute out there. (There's an idiot or two
    out there who tries all sorts of usernames.)

    As for DISPLAY on a ssh -XY, it is usually localhost:10 (or :11 or :12 or
    ....), with sshd handling the proxying semi-transparently. (I say semi
    because attempts at using extensions such as OpenGL run into problems. :-) )

    >
    > --- Casantos


    --
    #191, ewill3@earthlink.net
    It's still legal to go .sigless.


  5. Re: SSH-X-Forwarding: Determining the Host?

    On Wed, 22 Mar 2006 05:02:41 +0000, The Ghost In The Machine wrote:
    > SSH_CLIENT (three tokens: fromhost, fromport, toport)


    Thanks, we already have been told by someone else that this env. variable
    could be the key, and it is.

    Nevertheless, I'd like to know: Is there *no* command in the X
    protocol that returns the IP of the X server?

    --
    Dipl.-Phys. Felix E. Klee
    Email: fk@linuxburg.de (work), felix.klee@inka.de (home)
    Tel: +49 721 8307937, Fax: +49 721 8307936
    Linuxburg, Goethestr. 15a, 76135 Karlsruhe, Germany

  6. Re: SSH-X-Forwarding: Determining the Host?

    >>>>> "FEK" == Felix E Klee writes:

    FEK> Nevertheless, I'd like to know: Is there *no* command in the X
    FEK> protocol that returns the IP of the X server?

    Take a look at the protocol, but I don't believe so. If I'm wrong, I sure
    someone on comp.windows.x will correct me. After all, if you have a TCP
    connection to something, you should already know its address; and if you
    don't (because you were handed the socket from somewhere else), then you
    use getpeername().

    It's not X Window's fault that you're using NAT, proxying, forwarding, or
    some other technique that obscures the ultimate origin of the connection.

    --
    Richard Silverman
    res@qoxp.net


  7. Re: SSH-X-Forwarding: Determining the Host?

    On Wed, 22 Mar 2006 11:40:41 -0500, Richard E. Silverman wrote:

    >> [quoted text muted]

    >
    > FEK> Nevertheless, I'd like to know: Is there *no* command in the X
    > FEK> protocol that returns the IP of the X server?
    >
    > Take a look at the protocol, but I don't believe so. If I'm wrong, I sure
    > someone on comp.windows.x will correct me. After all, if you have a TCP
    > connection to something, you should already know its address; and if you
    > don't (because you were handed the socket from somewhere else), then you
    > use getpeername().
    >
    > It's not X Window's fault that you're using NAT, proxying, forwarding, or
    > some other technique that obscures the ultimate origin of the connection.


    getpeername() might be of some assistance; however, in the case of a
    proxied SSH/X connection, all one will get is the socket sshd is hanging
    out.

    Also, there's a more general problem. A multihomed machine has multiple
    IP addresses; which one should it use? Even a single machine that's
    simultaneously on a local LAN and talking to the Internet through a dialup
    line has 3 IP addresses: localhost (the lo interface), the LAN address
    (typically 192.168.1.x on eth0), and whatever IP address is assigned to
    the dialup line by the other end (on the ppp0 interface).

    This means that, were X on such a box to answer the question correctly,
    one might get one of 4 answers, depending on how one connects and which
    interface one uses to connect to the server. (The fourth is a local Unix
    socket, which is a pathname somewhat akin to a pipe: sockaddr_un/AF_UNIX
    versus sockaddr_in/AF_INET.)

    --
    #191, ewill3@earthlink.net
    It's still legal to go .sigless.


+ Reply to Thread