[suse-security] problem with firewall and X-forwarding
Hi again. I already asked that question once, but then I didn't get any helpful answers...

Following problem: I'm in the intranet at my office, and want to work on a remote server. Let's call him jasper. So, I'm on jasper and make a "xspread". Now I get the following answer:

xspread: Can't open display client84.xxxx.xx:0

It doesn't matter whether I use ssh or rlogin or rsh to log in to jasper, it simply doesn't work.

My firewall log says:

Sep 5 11:17:55 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60972 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5353 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:56 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60974 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5354 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:57 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 1xxx.xx.xxx.xx:60975 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5355 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:58 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 1xxx.xx.xxx.xx:60976 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5356 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:59 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60977 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5357 F=0x4000 T=255 SYN (#5)

Now, how can I solve that problem? Also, I wonder why the outgoing port on jasper is steadily increasing by one, with each attempt to connect...?

Any help appreciated!

TIA
markus
Hi,

the reason for your problem is clear from the firewall logs: the X11 connection attempt is blocked by the firewall. The increasing source port is just the normal behaviour of a program when it is trying to establish a connection over TCP.

To get this to work you can either open port 6000 on your firewall (not such a good idea IMHO) or do 'ssh -X' if you are using openSSH, since openSSH has X11 forwarding disabled by default IIRC. Note that you may have to allow X11 forwarding in the ssh daemon configuration.

And just a remark since you asked this on the security mailing list: from the security point of view you should never use rsh or rlogin for working on a remote server since the communication is unencrypted. Always use ssh!

Hope this helps...

Best wishes,
Thomas

On Wed, Sep 05, 2001 at 11:44:56AM +0200, kohli@dplanet.ch wrote:
Hi again. I already asked that question once, but then I didn't get any helpful answers... Following problem: I'm in the intranet at my office, and want to work on a remote server. Let's call him jasper. So, I'm on jasper and make a "xspread". Now I get the following answer: xspread: Can't open display client84.xxxx.xx:0
It doesn't matter whether I use ssh or rlogin or rsh to log in to jasper, it simply doesn't work.
My firewall log says:
Sep 5 11:17:55 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60972 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5353 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:56 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60974 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5354 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:57 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 1xxx.xx.xxx.xx:60975 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5355 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:58 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 1xxx.xx.xxx.xx:60976 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5356 F=0x4000 T=255 SYN (#5)
Sep 5 11:17:59 memphis kernel: Packet log: rulchain REJECT eth0 PROTO=6 xxx.xx.xxx.xx:60977 xxx.xx.xxx.xx:6000 L=44 S=0x00 I=5357 F=0x4000 T=255 SYN (#5)
Now, how can I solve that problem? Also, I wonder why the outgoing port on jasper is steadily increasing by one, with each attempt to connect...?
Any help appreciated!
TIA
markus
-- Thomas Haeberlen Rechenzentrum Universitaet Stuttgart (RUS) Abteilung Informationsdienste Allmandring 30 , D-70569 Stuttgart Email: haeberlen@rus.uni-stuttgart.de Phone: +49 711 685 47 19 Fax: +49 711 678 76 26
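
Added example, not part of the original thread and not written by either poster: a small parser for ipchains "Packet log:" lines of the kind quoted above, which counts refused TCP SYNs to X11 display ports so that direct (non-tunnelled) X11 connection attempts show up per source and display. The sample lines use constructed documentation addresses, and the function name `blocked_x11` and the 6000-6063 port range are assumptions of this example.

```python
import re
from collections import Counter

# Layout of an ipchains "Packet log:" line: chain, action, interface,
# IP protocol number, src:port, dst:port, L/S/I/F/T header fields,
# "SYN" for a connection-opening TCP packet, then the matching rule number.
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r".*?(?P<syn>SYN )?\(#(?P<rule>\d+)\)"
)

X11_BASE = 6000        # X display :N listens on TCP port 6000+N
X11_MAX_DISPLAY = 63   # assumption: treat ports 6000-6063 as X11

def blocked_x11(lines):
    """Return a Counter of refused X11 connects keyed by (src, dst, display)."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if not m or m["proto"] != "6" or not m["syn"]:
            continue   # not a packet log line, or not a new TCP connection
        if m["action"] not in ("REJECT", "DENY"):
            continue   # only packets the firewall refused
        display = int(m["dport"]) - X11_BASE
        if 0 <= display <= X11_MAX_DISPLAY:
            hits[(m["src"], m["dst"], display)] += 1
    return hits

# Constructed sample lines (documentation addresses, not taken from the thread).
SAMPLE = [
    "Sep 5 11:17:55 fw kernel: Packet log: input REJECT eth0 PROTO=6 "
    "192.0.2.10:60972 198.51.100.84:6000 L=44 S=0x00 I=5353 F=0x4000 T=255 SYN (#5)",
    "Sep 5 11:17:56 fw kernel: Packet log: input REJECT eth0 PROTO=6 "
    "192.0.2.10:60974 198.51.100.84:6000 L=44 S=0x00 I=5354 F=0x4000 T=255 SYN (#5)",
    "Sep 5 11:18:01 fw kernel: Packet log: input DENY eth0 PROTO=6 "
    "192.0.2.11:40100 198.51.100.84:6001 L=44 S=0x00 I=611 F=0x4000 T=64 SYN (#5)",
    "Sep 5 11:18:02 fw kernel: Packet log: input ACCEPT eth0 PROTO=6 "
    "192.0.2.10:60980 198.51.100.84:22 L=44 S=0x00 I=5360 F=0x4000 T=255 SYN (#2)",
    "Sep 5 11:18:03 fw kernel: Packet log: input REJECT eth0 PROTO=17 "
    "192.0.2.10:60981 198.51.100.84:6000 L=40 S=0x00 I=5361 F=0x0000 T=255 (#5)",
]

if __name__ == "__main__":
    for (src, dst, disp), n in blocked_x11(SAMPLE).items():
        print(f"{n} refused X11 connection(s) {src} -> {dst} display :{disp}")
```

A steady stream of such hits from a server back to a workstation usually means DISPLAY points at the client directly instead of at an ssh-forwarded display.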