I can get "secure" but unusable Xnest like this:
Which gives me a window containing a login screen. The problem is, the keyboard is gobbledygook.
ssh -X 192.168.1.100
Xnest :1 -geometry 1920x1050 -query localhost
The bottom of the man page, "FUTURE DIRECTIONS", gives me little hope:
I'd rather have this all be secure given that it can under some circumstances be over wireless, but for now I guess I have something that will work.
Perhaps there should be a command-line option to tell Xnest to inherit the keyboard and pointer control parameters from the real server rather than imposing its own.