My window manager is Openbox and I can't find any setting for this in Openbox configuration?
I would prefer not to have a full remote desktop, is the type of filtering I'm seeking possible without that?
Xubuntu 22.04, ArchLinux ♦ System76 hardware, virt-manager/KVM, VirtualBox
When your questions are resolved to your satisfaction, please use Thread Tools > "Mark this thread as solved..."
ssh uses the C/S as most people expect. The local machine is the client and the remote machines is the server.
X11 swaps that. The "server" is the machine you sit behind that does the displaying, sending keyboard and mouse events to the clients and all the remote programs (or local programs) are the X/Clients sending requests to the server. When we use ssh -X (or ssh -Y), all we are doing is
- setting up a tunnel between the local and remote system
- telling the X/Windows system we want X11Forwarding to be used through a specific X-display port
- automatically setting a new DISPLAY environment variable, so the correct X-display port is used
It gets a little fuzzy around the mouse since there are different implementations. The X/Server knows the most about it, but it also knows which widget it is over and keyboard/mouse events are sent to the windowID and passed in the different layers to the most specific widget that will accept the specific Xevent type. There are software-mice and hardware-mice implementations. But none of this is usually important.
Gee - who'd a thunk all that X/Windows Developer training would finally payoff 25 yrs later? Now If I could just unload the (7) 2inch thick paper books on X11, that would be nice. The complete set came with the training.
Thanks TheFu, that answers my remaining questions. It's weird that this type of filtering doesn't exist. Fortunately in my specific case all machines involved are trusted and under my administrative control, so at least this won't be a security problem.
For cases where this would be a problem, maybe I can work something with a Xephyr? Will experiment with that a bit before marking this solved.
* firejail --x11 --noprofile openbox and doing SSH from a Terminal launched inside the Xephyr does isolate the remote windows from (enough of) the local windows. Considering this thread as solved as it'll get. Thanks again all for the help
Last edited by halogen2; May 22nd, 2021 at 02:46 PM.
Xubuntu 22.04, ArchLinux ♦ System76 hardware, virt-manager/KVM, VirtualBox
When your questions are resolved to your satisfaction, please use Thread Tools > "Mark this thread as solved..."
X11 is designed to be network agnostic. Even the local X/Clients connecting to an X/Server on-the-same-machine use IP-sockets to communicate. The fact that the X/Client could be on a different machine and across the globe isn't really important for X.
It seems you've come to a technique that few people use. Basically, you want an integrated desktop, but without the desktop.
With most WMs, we can add menu items that run whatever commands we like. I have a few menuitems in my fvwm that run remote commands for me.
fvwm supports functions, so I have one that does remote ssh sessions. Here's the line that creates a menu entry to be clicked:
And the terminal+sshCode:+ &istar FuncFvwmRloginSshRxvt istar
I suppose I could find all the .desktop files on the remote system, pull those back to my workstation, then modify them to use ssh -X:Code:AddToFunc FuncFvwmRloginSshRxvt \ I Exec rxvt-unicode -fs 18 -bg black -fg white -fa 'Monospace' -name $0 -n $0 -title $USER@$0 -e ssh -X $0
$ more ~/bin/thunderbird.sh
But for the stuff I use all the time, I've setup accel keys to launch them or just use tab-completion in a terminal to launch. That means I'm consistent in the things I've decided to run more protected. Clearly, I'm using ssh-agent and ssh-keys for authentication to remove the prompt hassles.Code:ssh -X regulus "/usr/bin/firejail /usr/bin/thunderbird" &
Bookmarks