Every now and then I have to verify a graphical application running on the remote server. That must be done via graphical output, no way to do it from the command line.
For those scenarios I usually export the X from the remote interface to my local workstation. That can be done simply by issuing:
ssh -X -C -c blowfish <username>@<remote-server>
From the ssh man page:
-X: Enables X11 forwarding. (X11 forwarding should be enabled with caution. Read the man page); -C: Requests compression of all data; -c cipher_spec: Selects the cipher specification for encrypting the session. The supported values are “3des”, “blowfish”, and “des”.
Using a remote connection to a xenial ppc64el server from a Fedora24, I got the following error:
Unable to negotiate with <server>: no matching cipher found. Their offer: firstname.lastname@example.org,aes128-ctr,aes192-ctr, aes256-ctr,email@example.com,firstname.lastname@example.org
Adding blowfish-cbc (taken from the openssh man page) to the ssh_config files did not “blow it away” though. So to get rid of the error I simply removed the ‘blowfish‘ cipher type, and left the task to the system.
After getting access you won’t notice any difference, for the result is the same as as regular ssh connection. The difference relies on the behavior when you run a graphical application from the CLI. Here I am running HardInfo in the remote system as an example:
Please read the ssh man page carefully to get clearer all security considerations and get advantage of the X exporting when running graphical applications.
Have a nice day.