[CentOS] iptables settings for X11 forwarding in CentOS 6.2

Fri Mar 29 23:54:44 UTC 2013
SilverTip257 <silvertip257 at gmail.com>

On Fri, Mar 29, 2013 at 1:09 PM, zGreenfelder <zgreenfelder at gmail.com>wrote:

> On Fri, Mar 29, 2013 at 12:37 PM, Pat Haley <phaley at mit.edu> wrote:
> >
> > Hi,
> >
> > Actually we're talking about both SSH and XDMCP X11 forwarding.
> > Both seem to be currently disabled by the iptables.
> >
> > We'll try out what you suggest and get back with the results.
> > Thanks.
> >
> > Pat
>
> iptables should have no effect (well.   I guess if you do some really
>

Read the entire thread.  The OP tested with firewall rules and then with fw
off/flushed rules.


> odd config settings it -could-, but that's a bit of an edge case) on
> ssh X tunnels.   check your /etc/ssh/sshd_config for
> X11Forwarding
> it should be set to yes.   if you have iptables that apply to
> localhost/127.0.0.0/8 network, then I suppose iptables could be part
> of the problem.   but I'd think it'd make sense to drop most all of
> those rules.
>
> it might also be helpful to look at the output of from your external
> machine when you run ssh -vvvv -X user at clusterhost (I wouldn't send it
> all to the list, cuz it'll be a ton of nonsense, but the last page or
> of output lines have helped me find issues in the past)
>
> ... or am I completely off in left field and you're saying you're
> unable to ssh into your machines?
> --
> Even the Magic 8 ball has an opinion on email clients: Outlook not so good.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
---~~.~~---
Mike
//  SilverTip257  //