[FreeNX-kNX] Re: Problem sending 'switch' command to nxssh (Was: Re: Need help to get nxproxy & nxssh working over encrypted connection)
LROUFAIL at nc.rr.com
LROUFAIL at nc.rr.com
Wed Jan 26 23:08:22 UTC 2005
This helps quite a bit.
While all this may seem obvious to you, it is not to me, and it is counter to how it has worked in the past.
For example, my understanding was that nxssh set up the port forwarding and then started nxproxy to use that port to talk to the server.
Now you are saying that nxssh connects to nxproxy once the proxy is already running. I hadn't tried that because it looked like nxproxy tries to connect to the server as soon as it is running, and so I didn't think I could start the proxy until I had switched the connection (and then I thought I was going to have to manually redirect the proxy to nxssh somehow through a locally forwarded port or through stdin/stdout).
Also I think you are saying -D goes out the window with SSH now because you are forcibly disabling the port forwarding, but that the switch command basically tells nxssh the same thing - which port to use to communicate with the proxy.
So this helps but is there any methodology to which port is chosen because it does not look like it comes from the server. I am thinking about just picking a random port between 3000 and 4000 and being done with it.
I am just spelling all this out so if I am wrong you can correct me and everyone can benefit.
My real goal was just to use the session interface in nxcompsh to embed this stuff and never figure out how all the internals work - so I admit to being a bit dense when it comes to the details.
I don't see any reason to figure this out by trial and error when you already know the answers.
That's what you get for being so responsive!
Thanks,
lawrence
----- Original Message -----
From: Gian Filippo Pinzari <pinzari at nomachine.com>
Date: Wednesday, January 26, 2005 10:15 am
Subject: Re: [FreeNX-kNX] Re: Problem sending 'switch' command to nxssh (Was: Re: Need help to get nxproxy & nxssh working over encrypted connection)
> LROUFAIL at nc.rr.com wrote:
> > If I have the client send the switch command, how do I decide
> what
> > port to use?
>
> Run the proxy with the "listen=port" option. Look at the "options"
> file created by nxclient.
>
> > The nxrun code hardcodes an encryption port for nxssh
> > (the -D option), but the commercial client does not use it. Are
> > these things related?
>
> Of course they are related. Using -D required that the NX server
> had port forwarding enabled. The new method tunnels the traffic
> by inheriting the same SSH connections.
>
> > Can you describe in more detail how the client proxy switch works?
>
> - nxclient runs nxssh to connect to the server.
>
> - The session is negotiated, using the SSH connection.
>
> - Once session is successfully negotiated, nxclient
> runs nxproxy.
>
> - Then nxclient tells to nxssh to connect to the
> running nxproxy. It does that using the switch
> command
>
> - To let nxproxy accept the connection you have to
> tell nxssh which authorization cookie it must use.
> This is done as part of the switch command.
>
> This same mechanism makes possible to use arbitrary trasports
> for tunning the proxy payload. For example you might keep the
> session running while the TCP connections is broken. nxproxy
> would continue using a different connection when it is re-esta-
> blished, useful for HTTP tunneling. Provision for that already
> exists in nxcomp/nxproxy, though incomplete. Please check how
> SIGHUP is managed in nxcomp.
>
> Regards,
>
> /Gian Filippo.
>
> _______________________________________________
> FreeNX-kNX mailing list
> FreeNX-kNX at kde.org
> https://mail.kde.org/mailman/listinfo/freenx-knx
>
More information about the FreeNX-kNX
mailing list