xpra icon
Bug tracker and wiki

Changes between Version 29 and Version 30 of ProxyServer


Ignore:
Timestamp:
05/08/18 09:44:43 (6 months ago)
Author:
Antoine Martin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ProxyServer

    v29 v30  
    4646To start the proxy server, simply run:
    4747{{{
    48 xpra proxy :20 --auth=allow --bind-tcp=0.0.0.0:443
     48xpra proxy :20 --auth=allow --bind-tcp=0.0.0.0:8443
    4949}}}
    5050
    5151If only one session is accessible, users can connect as usual with:
    5252{{{
    53 xpra attach tcp:USERNAME:PASSWORD@PROXYHOST:443
     53xpra attach tcp:USERNAME:PASSWORD@PROXYHOST:8443
    5454}}}
    5555
    5656If there is more than one session accessible for this user, the client also needs to specify which display it wishes to connect to using the extended attach syntax: "{{{tcp/USERNAME:PASSWORD@SERVER:PORT/DISPLAY}}}":
    5757{{{
    58 xpra attach tcp/username:password@127.0.0.1:443/100
     58xpra attach tcp/username:password@127.0.0.1:8443/100
    5959}}}
    6060[[BR]]
     
    6565* once authenticated, the proxy server spawns a new process and no longer runs as root
    6666* the display number chosen for the proxy server is only used for identifying the proxy server and interacting with it using the regular tools ("{{{xpra info}}}", etc)
     67* to use ports lower than 1024 either use {{{--min-port}}} and run as root and or see [https://superuser.com/questions/710253/ allow non-root process to bind to port 80 and 443]
    6768}}}
    6869
     
    101102== Detailed Example ==
    102103
    103 * Start a proxy server on port 443 using the "{{{multifile}}}" authentication module (we will call this server {{{PROXYHOST}}}):
     104* Start a proxy server on port 8443 using the "{{{multifile}}}" authentication module (we will call this server {{{PROXYHOST}}}):
    104105{{{
    105 xpra proxy :100 --bind-tcp=0.0.0.0:443 --auth=multifile:filename=./xpra-auth
     106xpra proxy :100 --bind-tcp=0.0.0.0:8443 --auth=multifile:filename=./xpra-auth
    106107}}}
    107108* Start the session we wish to access via the {{{PROXYHOST}}} (we call this {{{TARGETHOST}}} - for testing, this can be the same host as {{{PROXYHOST}}}):
     
    111112* on {{{PROXYHOST}}}, add a user to the auth file pointing to {{{TARGETHOST}}} (ie: {{{192.168.1.200}}} should be {{{TARGETHOST}}}'s IP):
    112113{{{
    113 echo "john|secretpassword|1000|1000|tcp:192.168.1.200:10000|EXAMPLE_ENV=VALUE|compression=0" >> ./xpra-auth
     114echo "foo|secretpassword|1000|1000|tcp:192.168.1.200:10000|EXAMPLE_ENV=VALUE|compression=0" >> ./xpra-auth
    114115}}}
    115116* create the password file on the client:
     
    119120* connect the client to the proxy server:
    120121{{{
    121 xpra attach --username=myusername --password-file=./password.txt $PROXYHOST:443
     122xpra attach --username=myusername --password-file=./password.txt $PROXYHOST:8443
    122123}}}
    123124