Re: acess CDE on AIX from linux

From: Thomas (tdshepard_at_comcast.net)
Date: 12/12/03 

Date: 12 Dec 2003 06:38:59 -0800

tdshepard@comcast.net (Thomas) wrote in message news:<4e1d1e52.0312111440.475ea3b8@posting.google.com>...
> Tim <mouse_launcherNO-SPAM@SPAM-ME-NOThotmail.com> wrote in message news:<pan.2003.12.10.19.01.11.845621@SPAM-ME-NOThotmail.com>...
> > On Tue, 09 Dec 2003 18:40:17 +0000, Anil Kommareddy wrote:
> >
> > > Hi
> > >
> > > How can we access CDE on aix 5.1. from linux as exceed software in windows ?
> > >
> > > Anil
> >

OK, so now Anil has been forewarned about some of the security issues
and given several options to try. Let me assume that

1. The AIX machine is set up to accept remote xdmcp logins

and that, therefore,

2. The local network is sufficiently secure that that is OK

also,

3. Anil is using Red Hat Linux, since one of the usenet groups he
posted to was linux.redhat

4. Anil is using Gnome. (KDE is similar. Most anyone nowadays who is
using generic xdm probably doesn't need our help to figure out how to
configure it.)

Try this first:

>From your graphical login screen, look along the bottom of the screen
for some pop-up menus. One of them might say "Session Type" or
something similar. Click on that and see if one of the options looks
like an "xdmcp" or "chooser" or similar. Try it. If this works, you
are in business.

If you don't have this option, then you can enable an Xdmcp login
screen by editing (with root privileges) the file
/etc/X11/gdm/gdm.conf (the contents of which I presume are covered by
the GPL).

Note the comments at the beginning of this file that describe the
gdm-restart and gdm-safe-restart commands that you use to restart gdm
for testing your configuration. And be sure to save a copy of this
file in its original form so you can log in via a command line to
recover in case you make a mistake that hoses your graphical login. A
copy of the original distribution gdm.conf may already exist as
factory-gdm.conf, for the benefit of the careless.

This file is very-well commented.

Search for the line containing the text "[servers]"

Here you will find this:

[servers]
# These are the standard servers. You can add as many you want here
# and they will always be started. Each line must start with a unique
# number and that will be the display number of that server. Usually
just
# the 0 server is used.
0=Standard
#1=Standard

The line "0=Standard" is what instructs gdm to start up the standard
login screen that logs you into your own computer. Now you need the IP
address for that AIX host, which for this example I will assume is

AIX host: 192.168.1.1

So if you change this "0=Standard" line to read

0=Terminal -query 192.168.1.1

and then restart gdm, you should get a login screen that logs you
directly into the CDE session on AIX.

Additional info:

Rather than edit that line, just comment it out and uncomment the line
a little ways below it that is already there for you, i.e., the line
that reads
"#0=Terminal -query serverhostname"

You can put the host name of the AIX server there instead of the IP
address if you have DNS available for it (which would normally be the
case), as in

0=Terminal -query CDEhost.ourlan (or whatever the host is really
called)

If your LAN has more than one host that can host a CDE session, you
might want to use the "chooser" instead, via the lines that look like

0=Terminal -indirect serverhostname

or

0=Chooser

If you want a local login on vt7 and a CDE session of vt8, your
gdm.conf might contain something like this:

0=Standard
1=Terminal -query 192.168.1.1

If so, then when gdm starts up, you will see the local login screen
flash on your display, and then the remote screen for the CDE session.
They will look very similar except for the hostname displayed, and the
xdmcp screen will have a "disconnect" button where the local screen
has a "shutdown" button. You would use ctrl-alt-f7 to go to your local
session.

Note that, under this setup, when you want to shut down your own
computer, you need to make sure the shutdown command is issued to it,
rather than the AIX server. That is why your login screen says
"disconnect" rather than "shutdown."
You can use ctrl-alt-f7 to switch to the local screen and shutdown
from there, or otherwise issue the "shutdown" command to your own
computer. ctrl-alt-delete might do the right thing.

Also, you might want your local Linux apps easily available from the
CDE session. If your machine is called mybox.ourlan, then you could
issue the command

ssh -f mybox.ourlan gnome-panel

for example, (manually or configure CDE to launch it at startup) to
put your gnome panel on the CDE desktop. You would want to position it
so that it doesn't clash with the CDE panel. Then you can launch your
local Linux apps without having to switch screens.

--------------

Finally, if you want to set up another Red Hat Linux Gnome machine to
act as a host for remote xdmcp, look for the section of gdm.conf that
starts with "[xdmcp]"

For security considerations, make sure you understand what is meant by
the comment that reads as follows:

# Distributions: Ship with this off. It is never a safe thing to
leave
# out on the net. Setting up /etc/hosts.allow and /etc/hosts.deny to
only
# allow local access is another alternative but not the safest.
# Firewalling port 177 is the safest if you wish to have xdmcp on.
# Read the manual for more notes on the security of XDMCP.

It would be interesting to see how to set this up so that your xdmcp
login and session are sent encrypted, via ssh and port forwarding for
example, and how to connect this way through local and remote
firewalls to a VPN.