PuTTy and SSHing into multiple servers

2

Background

I have a bash_profile statement that dynamically sets my display variable (Im on wifi most the time) for when i need to run a few x windows programs off of our servers.

if [ ! $DISPLAY ] ; then
    if [ "$SSH_CLIENT" ] ; then
        export DISPLAY=`echo $SSH_CLIENT|cut -f1 -d\ `:0.0
        echo "The display variable has been set to:"$DISPLAY
    fi
fi

Problem

My problem is, lets say i open putty and ssh into sapserver1. My display variable is set correctly. However!

If i then ssh from sapserver1 into sapserver2 my display variable on sapserver2 gets set to that of sapserver1.

Question

Is there a way to forward or mask the connecting IP address of my workstation no matter how many times I ssh into boxes. Either that, or a way to pass the display variable through.

gorelative

Posted 2013-01-17T14:52:49.577

Reputation: 368

Answers

1

Does your work have X forwarding over ssh configured?

Its what we run here, you set DISPLAY once, and any further ssh's chain off of that.

Rich Homolka

Posted 2013-01-17T14:52:49.577

Reputation: 27 121

We do have x11 forwarding enabled. however my script above doesn't seem to set the variable when i login initially. It only sets is when i ssh in from my original server. – gorelative – 2013-01-17T17:56:25.557

1

It's simpler if you avoid setting $DISPLAY in your ~/.bash_profile.

Instead, make sure PuTTY's Enable X11 forwarding option is set. SSH will now automatically set $DISPLAY to a suitable value.

When you SSH from here to the next server, use ssh -X (or set ForwardX11 yes in ~/.ssh/config), and again $DISPLAY will be automatically set.

The only caveat is that your administrator can disable X11 forwarding in sshd_config, so if this doesn't work discuss it with them.

mavit

Posted 2013-01-17T14:52:49.577

Reputation: 541

0

SSH supports setting variables remotely. To do this, you have to whitelist the variable specifically on the server, and instruct the client to forward it.

Steps:

  1. ssh into sapserver2 and edit /etc/ssh/sshd_config to add the following line:

    AcceptEnv DISPLAY
    
  2. Restart the SSH daemon by executing the following command:

    service ssh restart
    
  3. Close the session.

  4. ssh into sapserver1 and edit /etc/ssh/ssh_config to add the following line:

    SendEnv DISPLAY
    
  5. Now, if you ssh into sapserver2, the display variable will get forwarded.

Note that this will only work because the display variable is available to the SSH client (since it was set with export).

If it wasn't, you could serve it to the SSH client using env:

env DISPLAY=$DISPLAY ssh sapserver2

Dennis

Posted 2013-01-17T14:52:49.577

Reputation: 42 934