I‘ve ssh gateway behind my NAT firewall. So all users must first login to my gateway host from the internet and then login to other machines on the LAN. This works great for cli based apps. However, few users would like to run x apps from internal LAN hosts and tunnel X display through intermediate ssh gateway and display back output on their local system. For example, from localsystem user makes connection as follows:
ssh -X firstname.lastname@example.org
ssh -X email@example.com
X forwarding fails with an error:
Error: Can’t open display:
How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?
Q. I have just installed Ubuntu 6.06 and I would like to allow remote login to my system from home via ssh. How do I install and configure SSH server?
A. OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.
Ubuntu SSHD Installation
Type the following two command to install both ssh client and server:
# sudo apt-get install openssh-server openssh-client
To be frank your server is ready by default. Just test it from your home computer or from same system with the command:
# ssh localhost
# ssh user@your-server-ip-address
How do I use ssh client?
Assuming that your server hostname is userver.mydomain.com and username is vivek, you need to type the following command:
# ssh firstname.lastname@example.org
To stop ssh server, enter:
# sudo /etc/init.d/ssh stop
To start sshs server, enter:
# sudo /etc/init.d/ssh start
To restart ssh server, enter:
# sudo /etc/init.d/ssh restart
- Setup SSH to run on a non-standard port
- SSH Public key based authentication – How-to?
- How to force sshd server to display login banner before login (change the ssh server [sshd] login banner)?
- Read the man page of sshd, sshd_config for more information
Continue reading “Restrict SSH Access Using tcpd (TCPWrapper) on Linux or Unix”