xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.


Changes between Initial Version and Version 1 of SSH


Ignore:
Timestamp:
07/22/18 09:25:42 (3 years ago)
Author:
Antoine Martin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SSH

    v1 v1  
     1[[Image(https://xpra.org/icons/connect.png)]]
     2= SSH Connections =
     3
     4[[BR]]
     5
     6This transport is supported by all python clients and Posix servers. (see #1920 for generic SSH server support feature)
     7
     8See also [/wiki/Network].
     9
     10[[BR]]
     11
     12{{{#!div class="box"
     13== Server Setup ==
     14This type of transport does not usually require any specific {{{bind}}} command line option.
     15
     16With a default configuration, starting a server will create unix domain sockets. Those sockets can be seen with {{{xpra list}}}.
     17
     18When connecting over SSH, the client will execute a proxy command to relay to one of these sockets, forwarding it as a pipe over the network back to the client.
     19}}}
     20
     21{{{#!div class="box"
     22== Client ==
     23
     24Starting with version 2.4, there are now 2 backends which can be used for SSH transport. Older versions only support the ''openssh'' mode. In ''auto'' mode, ''paramiko'' will be used if installed.
     25
     26The backend can be selected using the {{{--ssh=}}} switch. (ie: {{{--ssh=paramiko}}})
     27
     28[[BR]]
     29
     30=== OpenSSH ===
     31This mechanism relies on [https://www.openssh.com/ openssh] on Posix systems, optionally using [https://sourceforge.net/projects/sshpass/ sshpass] to supply passwords via the command line or connection files.
     32
     33On MS Windows, the installer will bundle the [https://tortoisesvn.net/ tortoisesvn] version of [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html putty plink] which includes a GUI for host key confirmation and password input.
     34
     35Since this mechanism relies on executing the ssh client program, you can use the same command line options as you normally would and / or use the openssh configuration files for using tunnels, restricting ciphers, etc.
     36ie: {{{--ssh="ssh -x -c blowfish-cbc"}}}
     37
     38The {{{--exit-ssh}}} switch controls whether the SSH transport is killed when the client terminates, this can be useful if openssh is setup to use connection sharing. (see #203 or details)
     39
     40[[BR]]
     41
     42----
     43
     44
     45=== Paramiko ===
     46
     47This backend is built into the client connection code and provides better diagnostics (using the {{{--debug=ssh}}} switch), and it provides a GUI for confirming host keys, entering key passphrases or passwords.
     48The downside is that since it does not use openssh at all, it does not have the same flexibility and may require re-confirmation of known hosts.
     49}}}