Hello,
Can ssh be used in conjunction with xhost?
Here's the scenario we are working with (in as generic
terms as I can make it):
We have 3 systems: A, B, and C.
"A" is a remote system.
"B" is a local system and is used as a gateway for accessing "C".
"C" is a different local system.
There are two different ways for a user to connect to "C".
(1) Login to "B" on the console and then connect to "C".
(2) Login to "B" remotely from "A" and then connect to "C".
The connection between A and B uses ssh. (This works fine.)
Here's the catch: "C" is a special machine that we do not
own and does not permit telnet, ftp, ssh, rcp, rlogin, etc. connections.
Instead, there is a special interface for telling "C" to send an xterm
as a login window.
We do not own, control, or recommend the software for "C" -- we cannot
tell them to install ssh. We must use their xterm interface.
The basic login scenario:
The user logs into the console on "B", types `xhost +C` and then asks
"C" to send an xterm over to "B" for a login prompt.
This works well. ("C" is a trusted host, so the `xhost +C` is not
an issue.)
The problem:
The user on "A" uses SSH to connect to "B".
SSH happily sends all X-traffic on B to A.
The user, on "B", types `xhost +C`. This appears to work.
The user, on "B", asks for the xterm window from C, but the window does
not appear. Instead, SSH prevents the xterm, requiring an xauth token.
This creates a catch-22 situation: The user on B cannot
ftp/telnet/rlogin/rcp/ssh the xauth token to C without getting an
xterm window first and C is not permitted to send the xterm window
without first getting the xauth token. Basically, there is no
way to transfer the xauth token from B to C without first establishing
the initial xterm login, so xhost must be used. But, ssh is not
accepting connections from the xhost list.
My question:
If there a flag or setting for ssh for permitting `xhost` authorization?
Can SSH be told to permit hosts in the xhost list?
Thanks for any help,
-Neal
