X11 forwarding and iptables question
James Knott
james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Fri Nov 26 23:15:38 UTC 2010
bob 295 wrote:
> I recently locked down my ports using some iptables rules to DROP all INPUT
> and FORWARD packets and then accept only on certain ports.
>
> My most of my stuff is working as expected except for X11 forwarding (ie. by
> logging in with ssh -X and running stuff like xclock).
>
> I noticed that ports 177 and 6000:6007 are X11 related. I opened these up on
> the INPUT chain but X11 forwarding still doesn't work.
>
> What iptable rule should I be invoking to allow X11 forwarding?
>
> Thanks in advance for your help.
>
As I understand it, you don't want to be running X unsecured over the
public internet. I've often used it via VPN to my home network. Also,
if you only want individual apps, rather than the entire desktop, you
can use X forwarding over ssh, which is also secure.
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list