Running firefox a bit more safely - HOWTO
Matthew Dillon
dillon at backplane.com
Mon Sep 26 10:33:02 PDT 2016
Well, running through the ssh tunnel itself is going to be really slow. It
will work, but it won't be fun. Make sure your *current* .Xauthority file
is installed in the other account and also make sure the other account is
in the 'video' group. .Xauthority changes every time you start X. I run
a little script to install it whenever I start X (after a fresh reboot of
my workstation, for example).
-Matt
On Mon, Sep 26, 2016 at 9:41 AM, Matthias Play <matthias_play at gmx.net>
wrote:
> Hi Matt,
>
> the script does not work for me as it is listed. I need to call ssh with
> '-Y' to get it working.
>
> I get the following error when calling ssh like it has been suggested:
>
> "Unable to init server: Could not connect: Abstract UNIX domain socket
> addresses not supported on this system
> Error: cannot open display: :0.0"
>
> What might be the reason for this?
>
> Regards
> Matthias
>
>
> On 12.08.15 20:32, Matthew Dillon wrote:
> > The sshd sets the DISPLAY environment variable to point to its tunnel.
> > There is no requirement that you use the tunnel, hence the above script
> > overrides it and sets the DISPLAY to :0.0 (which is a direct local
> > connection) before running firefox.
> >
> > -Matt
> >
> > On Wed, Aug 12, 2015 at 2:22 AM, Carsten Mattner
> > <carstenmattner at gmail.com <mailto:carstenmattner at gmail.com>> wrote:
> >
> > On Tue, Aug 11, 2015 at 7:32 PM, Matthew Dillon
> > <dillon at apollo.backplane.com <mailto:dillon at apollo.backplane.com>>
> > wrote:
> > > #!/bin/csh
> > > #
> > > # script for ~/bin/firefox (assumes ~/bin is in your path)
> > > #
> > > scp ~/.Xauthority dfw1 at localhost:
> > > ssh dfw1 at localhost -n "setenv DISPLAY :0.0; firefox"
> >
> > snip
> >
> > > * Also note that these applications will be able to use X
> shared memory
> > > and thus run fairly optimally (they are NOT using an ssh
> tunnel nor do
> > > we want them to as that would be ridiculously slow).
> Programs run in
> > > this way will not have direct access to the GPU so 3D might
> not be
> > > so hot. But for general browsing I haven't had any trouble,
> and even
> > > with 4K video appears to work about the same as it did
> before.
> >
> > Can you explain how this works without going through localhost:22?
> > Isn't X forwarded through the ssh tunnel?
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20160926/c5c9ae19/attachment-0003.htm>
More information about the Users
mailing list