SSH Connections

This transport is supported by all python clients and Posix servers. (see #1920 for generic SSH server support feature)

See also wiki/Network.

Server Setup

This type of transport does not usually require any specific bind command line option.

With a default configuration, starting a server will create unix domain sockets. Those sockets can be seen with xpra list.

When connecting over SSH, the client will execute a proxy command to relay to one of these sockets, forwarding it as a pipe over the network back to the client.

Client

Starting with version 2.4, there are now 2 backends which can be used for SSH transport. Older versions only support the openssh mode. In auto mode, paramiko will be used if installed.

The backend can be selected using the --ssh= switch. (ie: --ssh=paramiko)

OpenSSH

This mechanism relies on ​openssh on Posix systems, optionally using ​sshpass to supply passwords via the command line or connection files.

On MS Windows, the installer will bundle the ​tortoisesvn version of ​putty plink which includes a GUI for host key confirmation and password input.

Since this mechanism relies on executing the ssh client program, you can use the same command line options as you normally would and / or use the openssh configuration files for using tunnels, restricting ciphers, etc. ie: --ssh="ssh -x -c blowfish-cbc"

The --exit-ssh switch controls whether the SSH transport is killed when the client terminates, this can be useful if openssh is setup to use connection sharing. (see #203 or details)

---

Paramiko

This backend is built into the client connection code and provides better diagnostics (using the --debug=ssh switch), and it provides a GUI for confirming host keys, entering key passphrases or passwords. The downside is that since it does not use openssh at all, it does not have the same flexibility and may require re-confirmation of known hosts.