>
> I disagree there -- it would almost certainly create a bigger overhead
> on the system.
I concede to you on that one for a loopback connection. But read on ...
>
> One trick I use (for remote systems) is:
>
> X -query <IP>
>
> trick on my server so that I can connect locally to it.
I am assuming that you have already enabled XDMCP on your X client (i.e.
the remote machine to which you want to make the connection). Sorry,
but the jargon is all counter-intuitive. Your earlier comment about
overheads comes back to haunt you here, though, as well as the
introduction of potential security breaches:
1. Network traffic when you start up your remote X server with
X -query 192.168.x.y :1
is quite considerable.
2. There is no reliable security governing the connection between your X
server and the remote client whose session you are using.
Consider again my ssh connection:
1. There is much less network traffic, as only the process actually
engaged and ssh itself is causing any.
2. Ssh provides a high level of data encryption at both ends of the
conversation.
3. There is absolutely no need to open up XDMCP at all to allow this to
happen.
4. In most cases, the root user is debarred from attaching across a LAN
using XDMCP because of the inherent security risk.
>
> You neglect to say *what* failed, and how. I'd be interested in this.
Sorry - I don't know what failed - the previous correspndent provided
some error messages, but they were not enough for me to determine
exactly where the failure occurred and I do not have the time to
replicate his problem.
>>
>> to manage resources on remote stations on the network.) I have also
>> in the past used Thomas's 'magic-cookie' solution, but it proves more
>> tricky than the one I favour.
>
> How's that? If you don't like xauth (grin)
Just a less elegant command line. With the xauth solution you have to
su first, then I suppose you could concoct a more elegant command line
along the lines of
export DISPLAY=localhost:0.0 && xauth merge ~user/.Xauthority &&
/usr/local/bin/executable.to.run
(all one line, whatever your mailer does to render it!!)
Just plug ugly. But I do accept that the overhead is lower for a
loopback connection.
, the "sudo" is an even
> simpler means, in my opinion.
>
Possibly, eventually, after setting up the appropriate section in
sudoers and still not really as secure a connection as the ssh one - but
maybe I am too hung up on security.
I'm listening ...
--
Email: aray(a)computerpark.co.uk
---------------------------------------------------------
This private and confidential e-mail has been sent to you
by Computer Park Ltd.
If you are not the intended recipient of this e-mail and
have received it in error, please notify us via the email
address or telephone number below, and then delete it from
your mailbox.
Email: mailbox(a)computerpark.co.uk
Tel: +44 (0) 1536 417155
Fax: +44 (0) 1536 417566
Head Office:
Computer Park Ltd, Broughton Grange, Headlands, Kettering
Northamptonshire NN15 6XA
Registered in England: 3022961.
Registered Office:
6 North Street, Oundle, Peterborough PE8 4AL
=========================================================