On Fri, 2010-06-25 at 22:11 +0200, Mike Gabriel wrote: > Hi there, > > in the current x2goclient package (3.01-5, Debian, Qt version) there > is need for an option to configure the reverse SSH port number (i.e. > the SSH daemon's port on the client side). This option should be a > client wide config option (not a per-session option). > > Printing and file sharing (sshfs/fuse) build up a reverse port > forwarding tunnel from the x2goserver back to the client. This feature > is used for x2goprint and x2gomountdirs (if I understand the perl code > correctly) and could also be used for any other feature that could be > evoked by a reverse SSH connection... > > The linux x2goclient, however, pre-requisites a running ssh daemon on > the client system. Its standard port is 22. The x2goclient will only > work if the client's SSH daemon runs on the default port 22. It will > fail if the port has been set to a custom (high) port. > > Consider a client, whose system administrator has set the SSH port to > a high --- to potential intruders unknown --- port number (e.g. > 20222). With such an SSH setup, sshfs/fuse will fail... > > Reproduce: > > o modify /etc/ssh/sshd_config > o set ,,Port 20222'' (or something else) > o /etc/init.d/ssh restart > o start x2goclient as some user and login to a remote x2goserver > o start a shell within the x2go session on the server > o type ,,mount | grep sshfs'' > > Suggestions: > > (a) > add a global SSH port number option to the x2goclient (linux-only). > > (b) > Another way for the x2goclient could be some autodetect code: > lsof -ni | egrep "^sshd.*root.*IPv4" | awk '{ print $8 }' > > (c) > Another way, similar to the windows client, could be to run a separate > ssh instance that binds to a random port on the localhost lo-device > only. That's where the reverse SSH tunnel (server -> client) has its > endpoint. > > sshd -o ListenAddress 127.0.0.1:<someport> -o <someOtherOption> > > > Hope to be of help, > Mike > Hi, Mike, and welcome to a great project. As you suggest, it is a client and not a session setting hence it does not appear in the session definitions. If you go to Options / Settings in the client menu, you will see an option to set the client side port. We do always set this to a non-standard port for security reasons as you also suggest. Thanks - John
_______________________________________________ X2go-dev mailing list X2go-dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev