XDMCP and ssh

XDMCP and ssh

Postby beakmyn » Tue Oct 16, 2007 4:32 am

The linux forum was getting dusty so I thought I'd freshen it up a bit.

So, next August I'll be travelling to Japan for a month or so. I'm thinking it wouldn't be in my best interest to get on the internet unprotected.... so I figure I could set up a machine at home and configure it for XDMCP and ssh so that I can log into it from Japan and surf the internet through my local connection.

I could tunnel my connection through my home machine too I suppose. This would cut down on the bandwidth usage. What are your thoughts? If I go this route I would want to use my WRT54GS for this.

I'd rather not use a public proxy if possible.

Thoughts, concerns?
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby wrzwaldo » Tue Oct 16, 2007 8:04 am

Right now I'm using Privoxy and WinSSL Wrap.
wrzwaldo
 
Posts: 8995
Joined: Sun Dec 14, 2003 12:43 pm

Postby Scruge » Tue Oct 16, 2007 11:07 am

beakmyn wrote:So, next August I'll be travelling to Japan for a month or so.


I don't know about internet security there, but be sure to book airline ticket roundtrip to Hong Kong with stop over in Japan..

If you can, arrange 4-5 days in HK with lots of money. I think you'll like it much better than Japan.
User avatar
Scruge
 
Posts: 1399
Joined: Wed Jan 26, 2005 3:29 pm

Postby beakmyn » Tue Oct 16, 2007 11:37 am

I'm going for work so no chance of that. :(

Edit:

Anything special about privoxy or Winssl. Looks like it will do what I need which is to give me an encrypted connection into my home network and then back out my home network to the internet.

I may even be able to run it on my WRT although I've got a Dell CpX with a flaky screen that will suit the purpose also.\


[X] Step 1
Warserver has been "re-porpoised" to Kamikaze 7.09 with webif.
[X] Step 2
Set up DynDNS
[ ] Step 3
Setup Privoxy
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby beakmyn » Sat Oct 20, 2007 4:09 pm

Anybody know of any linux distros already set up to be proxies, firewalls, ssh? I'd like to setup a home machine (probably spare laptop or older desktop). It would need to work both on the inside LAN and allow me to ssh into it from outside and proxy through it.
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby beakmyn » Wed Oct 24, 2007 8:03 am

Seems everything can be done in the router :) However, if you've got pointers let me know

OpenWrt / Looking for a howto ssh privoxy
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby brwrdrvr » Wed Oct 24, 2007 8:23 am

beakmyn wrote:I'm going for work so no chance of that. :(

Edit:

Anything special about privoxy or Winssl. Looks like it will do what I need which is to give me an encrypted connection into my home network and then back out my home network to the internet.

I may even be able to run it on my WRT although I've got a Dell CpX with a flaky screen that will suit the purpose also.\


[X] Step 1
Warserver has been "re-porpoised" to Kamikaze 7.09 with webif.
[X] Step 2
Set up DynDNS
[ ] Step 3
Setup Privoxy


Let me know how things work with the DynDNS and the WRT. I have been thinking about going this route for a few months, but wasn't sure. The site I was looking at said that the WRT had some trouble with the updating at times. So they recommended downloading and running their update client.
Real Linux users write the zeros and ones directly to the hard drive using a refrigerator magnet. ~ bobfunland
User avatar
brwrdrvr
 
Posts: 3381
Joined: Fri Feb 18, 2005 9:26 pm
Location: Capitol City, Louisiana

Postby audit » Wed Oct 24, 2007 8:26 am

Your going to LOVE Japan. It was always one of my favorite places to goto for a client. I missed a flight out one time so I could stay over another day. The food there is GREAT as well as the people for the most part. I never had any issues with Internet over there and the few people that I know that still go over for consulting use their Internet just fine without any issues.
User avatar
audit
 
Posts: 1945
Joined: Mon Aug 19, 2002 3:00 am
Location: In the Octagon

Postby Barry » Wed Oct 24, 2007 9:26 am

What about vpn?
Never do anything you don't want to explain to the paramedics.
User avatar
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Postby beakmyn » Wed Oct 24, 2007 10:00 am

I looked at that but wasn't sure which way to go. I've got openvpn installed just not enabled (it can be enabled from the web interface).

TAP OpenVPNHowTo - OpenWrt
TUN OpenVPNTunHowTo - OpenWrt

Wasn't sure which one I should use. Sure VPN will give me access to my home network but will it proxy my internet surfing through it?
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby Barry » Wed Oct 24, 2007 11:25 am

beakmyn wrote:I looked at that but wasn't sure which way to go. I've got openvpn installed just not enabled (it can be enabled from the web interface).

TAP OpenVPNHowTo - OpenWrt
TUN OpenVPNTunHowTo - OpenWrt

Wasn't sure which one I should use. Sure VPN will give me access to my home network but will it proxy my internet surfing through it?


You know, now that you mention it, I'm not sure now. I thought it did, but how could you check?
Never do anything you don't want to explain to the paramedics.
User avatar
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Postby beakmyn » Wed Oct 24, 2007 11:32 am

Barry wrote:You know, now that you mention it, I'm not sure now. I thought it did, but how could you check?


I know that with the one I use for work the VPN only routes traffic for the work network. Internet traffic doesn't go through the VPN. How do I know? I can get to sites that our IT blocks. So, if Internet traffic was being routed through the VPN it would be blocked.

I need a proxy. I'm almost there. I think the router's firewall rules are blocking SSH from the wan. The web interface uses one config file and the router has another. I can't test it until I get home.
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby beakmyn » Fri Oct 26, 2007 10:00 am

Well it looks like either my IPTables are wrong or it won't forward WAN 8080 to LAN 22

I set WAN 8080 to 22 and had our IT guy temporarily open 22 outbound and I was able to connect to my router.

TinyProxy is running now and proxying.

Now I'm working on getting srelay to forward #### to 22 to keep 22 closed on the WAN.
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby beakmyn » Thu Nov 01, 2007 5:28 am

So XDMCP won't work through a SSH tunnel, now I know. So I set up OPENVPN. The webif interface on the router doesn't support OpenVPN server configs, now I know. So I run it manually. XDMCP is very slow under a WAN connection, particularly with Gnome as since there's so many more application that it has to run, now I know. So, now I'm going to set up VNC and hope that speeds things up but that's a desktop sharing app.
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm


Return to Unix/Linux

Who is online

Users browsing this forum: No registered users and 2 guests

cron