Running firefox a bit more safely - HOWTO

Matthew Dillon dillon at backplane.com
Mon Sep 26 10:33:02 PDT 2016


Well, running through the ssh tunnel itself is going to be really slow.  It
will work, but it won't be fun.  Make sure your *current* .Xauthority file
is installed in the other account and also make sure the other account is
in the 'video' group.   .Xauthority changes every time you start X.  I run
a little script to install it whenever I start X (after a fresh reboot of
my workstation, for example).

-Matt

On Mon, Sep 26, 2016 at 9:41 AM, Matthias Play <matthias_play at gmx.net>
wrote:

> Hi Matt,
>
> the script does not work for me as it is listed. I need to call ssh with
> '-Y' to get it working.
>
> I get the following error when calling ssh like it has been suggested:
>
> "Unable to init server: Could not connect: Abstract UNIX domain socket
> addresses not supported on this system
> Error: cannot open display: :0.0"
>
> What might be the reason for this?
>
> Regards
> Matthias
>
>
> On 12.08.15 20:32, Matthew Dillon wrote:
> > The sshd sets the DISPLAY environment variable to point to its tunnel.
> > There is no requirement that you use the tunnel, hence the above script
> > overrides it and sets the DISPLAY to :0.0  (which is a direct local
> > connection) before running firefox.
> >
> > -Matt
> >
> > On Wed, Aug 12, 2015 at 2:22 AM, Carsten Mattner
> > <carstenmattner at gmail.com <mailto:carstenmattner at gmail.com>> wrote:
> >
> >     On Tue, Aug 11, 2015 at 7:32 PM, Matthew Dillon
> >     <dillon at apollo.backplane.com <mailto:dillon at apollo.backplane.com>>
> >     wrote:
> >     >         #!/bin/csh
> >     >         #
> >     >         # script for ~/bin/firefox  (assumes ~/bin is in your path)
> >     >         #
> >     >         scp ~/.Xauthority dfw1 at localhost:
> >     >         ssh dfw1 at localhost -n "setenv DISPLAY :0.0; firefox"
> >
> >     snip
> >
> >     >     * Also note that these applications will be able to use X
> shared memory
> >     >       and thus run fairly optimally (they are NOT using an ssh
> tunnel nor do
> >     >       we want them to as that would be ridiculously slow).
> Programs run in
> >     >       this way will not have direct access to the GPU so 3D might
> not be
> >     >       so hot.  But for general browsing I haven't had any trouble,
> and even
> >     >       with 4K video appears to work about the same as it did
> before.
> >
> >     Can you explain how this works without going through localhost:22?
> >     Isn't X forwarded through the ssh tunnel?
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20160926/c5c9ae19/attachment-0003.htm>


More information about the Users mailing list