Hi everyone!
We receive a lot of emails asking how to keep X11-forwarding working after changing user to root inside a SSH session in MobaXterm.
This is by default not allowed on Unix/Linux systems, because the X11 display connection belongs to the user you used to log with when connecting to your remote SSH server. X11-forwarding mechanism does not allow anyone to use the open display.
However, in some cases you may need to start a graphical application like nedit or firefox in a sudo or su context. In order to achieve this, you could manually retrieve X credentials in the su/sudo context by looking up the “xauth list” for the original username and then adding them using “xauth add” to the current context.
You can also use a single (magic) command in order to achieve this!
For instance, here is a simple scenario:
MobaXterm X11 proxy: Authorisation not recognised
Error: Can’t open display: localhost:10.0
I just have to execute the following command in order to retrieve my display and make “xclock” work:
xauth add $(xauth -f ~john/.Xauthority list|tail -1)
We hope this will help you if you need to have a working X11 display through SSH after becoming root.
Hi everyone!
We just built a new release of MobaXterm (version 8.4)!
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, SFTP, SCP, …) to Windows desktop, in a single portable exe file which works out of the box.
In this new version, we added experimental support for the SCP protocol in the SSH-browser: it means that you can now select “SCP” protocol (instead of SFTP) in your SSH session settings and MobaXterm will use the SCP protocol in order to graphically browse your remote server.
This new remote SSH-browser implementation has many advantages:
We also improved terminal speed with strong optimizations. In fact, in previous (8.3) version, some users have encountered slowness issues caused by recent support of TrueColors. We managed to fix these slowness issues while preserving TrueColors in terminal.
Some existing features have also been improved: git commands are now properly colored (thanks to a modification in “less” command), we improved detection of running sub-process when starting or stopping MobaXterm, …
Here is the full changelog:
You can download this new release from MobaXterm website.
Hi everyone!
We just built a new release of MobaXterm (version 8.3)!
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, …) to Windows desktop, in a single portable exe file which works out of the box.
In this new version, we have corrected a potential vulnerability on default X server settings which were too open (reported to us by Cert.org). In MobaXterm version 8.3, we added a new “on-demand” mode for X11: MobaXterm now shows a popup window in order for you to manually authorize each remote X11 connection. We also added full 256-colors and TrueColor support.
Some existing features have also been improved: a new tooltip indicates columns/rows values when resizing a terminal, a tooltip shows useful information on sessions tree, some new settings have been added for remote sessions, …
Here is the full changelog:
You can download this new release from MobaXterm website.
Hi everyone!
We just built a new release of MobaXterm (version 8.2)!
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, …) to Windows desktop, in a single portable exe file which works out of the box.
In this new version, we added a new inline search feature: you can now find some text into the terminal directly by highlighting search terms. This feature has been in our roadmap for long and we are now pleased to release it.
In the previous 8.1 release, we had changed the Paste keyboard shortcut to Ctrl+Shift+Insert: this choice was made because we had been warned that Ctrl+Insert or Shift+Insert were already used by other terminal applications. This was a big mistake because many MobaXterm users rely on the “Shift+Insert” shorcut. In order to provide a working solution for everyone, we implemented this as a “configurable shortcut” in order to choose the keyboard sequence for paste operations. As usual, you can modify this keyboard shortcut in “Settings” –> “Configuration” –> “General” tab –> “MobaXterm keyboard shortcuts”.
We also added an internal SSH agent based on the great PuTTY “Pageant” program which allows you to automatically load SSH keys at MobaXterm startup (OpenSSH or PuTTY types) and to forward them. In order to activate the new internal agent, you can - Go to the global settings, then in the “SSH” section - Check the “Use internal agent” and “Forward agent” settings, then add some keys to the agent keys list by clicking on the “+” button - Restart MobaXterm: the agent will load the selected keys at startup. This will allow you to perform SSH connections using the new Agent.
Here is the full changelog:
You can download this new release from MobaXterm website.
Hi everyone!
We just built a new release of MobaXterm (version 8.1)!
This new version comes with several new improvements among which:
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, …) to Windows desktop, in a single portable exe file which works out of the box.
Here is the full changelog:
You can download this new release from MobaXterm website.
Hi everyone!
We just built a new release of MobaXterm (version 8.0)!
This new version comes with several new improvements among which:
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, …) to Windows desktop, in a single portable exe file which works out of the box.
Here is the full changelog:
You can download this new release from MobaXterm website.
If you have to set some configuration options in MobaXterm, you would probably go to the MobaXterm configuration window.
However, in order to keep a clean and simple graphical interface, some advanced settings are not displayed in the main configuration window:
We previously discussed about MobaXterm command-line parameters and MobaXterm Customization capabilities in another post, so we will now introduce some ways to modify MobaXterm settings directly into its “MobaXterm.ini” configuration file.
Well, it depends… Your MobaXterm.ini configuration file should be located:
Moreover, you can use the -i commandline setting in order to determine the configuration file path for MobaXterm. For instance, you can specify the configuration file path manually at MobaXterm startup using the following command: C:\Some\place\MobaXterm.exe -i “D:\Data\MobaXterm.ini”
or you can use a network shared folder: C:\Some\place\MobaXterm.exe -i “\MySharedFolder\MobaXterm.ini”
or you can even use a web (HTTP) address in order to retrieve the configuration file: C:\Some\place\MobaXterm.exe -i http://MyIntranetServer/MobaXterm.ini In this case, the configuration file will be read from your intranet and any modification made by the user will be saved in a new MobaXterm.ini file created under %MyDocuments%\MobaXterm folder.
There are many settings which could be put in this MobaXterm.ini configuration file. We will just list the settings which cannot be set using the graphical interface. All these settings should be put under the [Misc] section of the configuration file. These options should be used by advanced users only:
Setting | Default value | Comment |
---|---|---|
MobaTempDir | %TEMP% | Path to MobaXterm temp folder |
XWinSwitches | -hostintitle +bs | Additional X11 commandline parameters |
Scrollbar | 1 | Toggle scrollbar visibility in terminal |
SeparationLine | 1 | Toggle separation line visibility in terminal |
BoldAsFont | no | Render bold text using bold font |
BoldAsColour | yes | Render bold text using different colour |
BellSound | no | Play a "beep" sound when terminal bell is triggered |
BellFlash | no | Flash terminal when terminal bell is triggered |
AllowBlinking | no | Allow font blinking in terminal |
CtrlAltIsAltGr | no | Use Ctrl+Alt keys to simulate AltGr key press |
NbPenguins | 4 | Number of penguins for the "consolesaver" |
TimerConst | 600 | Time (in seconds) before starting the "consolesaver" |
TimerInt | 100 | Time (in ms) between each penguin move in the "consolesaver" |
PgUpDnScroll | 0 | Use PageUp/PageDown without "Shift" modifier for terminal scrolling |
ScrollMod | shift | Change scroll modifier to ctrl/alt/shift |
ScrollbackLines | 360000 | Specify scrollback buffer size |
Concerning SFTP in MobaXterm, some settings can be tuned by editing them directly within MobaXterm configuration file (under the [SFTP] section):
Setting | Default value | Comment |
---|---|---|
AutoAdjustTransferBlock | 0 | Automatically adjust SFTP pipeline and packetsizes |
PipelineLength | 32 | Number of download requests sent simultaneously |
UploadPipelineLength | 32 | Number of upload requests sent simultaneously |
DownloadBlockSize | 32 | Size of the single download request |
UploadBlockSize | 64 | Size of the single upload request |
SftpBufferSize | 256 | Size of the internal SFTP buffers |
DefaultWindowSize | 2048 | Default SSH window size |
MinWindowSize | 2 | Min SSH window size |
MaxSSHPacketSize | 256 | Max SSH packet length |
We hope that this post will be helpful for you.
Of course, if you decide to tune these expert settings and if you report a bug to our support team, please do not forget to specify that you modified some advanced configuration settings!
Hi everyone!
We just built a new release of MobaXterm (version 7.7)!
This new version comes with several new improvements among which:
MobaXterm is your ultimate toolbox for remote computing: in a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all the important remote network tools (SSH, X11, RDP, VNC, FTP, MOSH, …) and Unix commands (bash, ls, cat, sed, grep, awk, rsync, …) to Windows desktop, in a single portable exe file which works out of the box.
Here is the full changelog:
You can download this new release from MobaXterm website.
When you purchase MobaXterm Pro Edition, you get access to a registered copy of MobaXterm and another program called Customizer. Using MobaXterm Customizer, you will be able to generate customized copies of MobaXterm with your own logo and your default settings. Settings specified in the Customizer will be hard-coded within the generated executable itself.
We already discussed about MobaXterm customization in another article. We will now try to explain in details how to secure your MobaXterm installation for your company use.
MobaXterm is already a secure program: its SSH connections are based on the well-known OpenSSH program and encrypted using the OpenSSL library, its sources are available so that anyone can audit them, its passwords can be stored with strong encryption.
For home usage, MobaXterm default settings may be enough to ensure a decent security level. However, depending on your company security rules, you can disable some features which may be considered as unsafe in your professional environment.
In the Customizer program, go to the Settings tab, then to the Security tab.
Each setting can be leaved unchecked (less secure) or checked (more secure), you will have to make some choices between features and security.
For instance:
It is very important to be aware that MobaXterm is only a network client program and that restraining things on the client will not secure your network entirely: it is much more important to secure the server side of your network architecture. For instance, if you need to force your team members to use ssh instead of rlogin/telnet in order to access to a server: even if you restrain MobaXterm in order to prevent it from performing rlogin/telnet connections, if the server is still able to accept such protocols, your team members will still be able to download another network client and to perform insecure connections.
When you purchase MobaXterm Pro Edition, you get access to a registered copy of MobaXterm and another program called Customizer. Using MobaXterm Customizer, you will be able to generate customized copies of MobaXterm with your own logo and your default settings. Settings specified in the Customizer will be hard-coded within the generated executable itself.
In order to perform this operation, just launch MobaXterm_Customizer_X.X.exe This will launch the following graphical interface:
MobaXterm customizer is based on a step-by-step process. You just have to select your parameters (or leave default settings) and select the Next button to proceed to the second step.
The different steps are described hereunder:
In this step you can configure the banner that will be displayed at MobaXterm startup. Of course, if you do not have special requirement about the banner, leave the default text, and select Next.
In this step, you will have access to the default profile used at MobaXterm startup. This profile is the equivalent of the /etc/profile file on Linux operating system. If you are not familiar with profile principles, please keep the default profile and select Next.
In this step, you will have a list of the different MobaXterm features. The customizer allows you to enable or disable these features. The settings allow you to remove games, screensaver or even disable insecure protocols such as RSH, Rlogin or Telnet. All these parameters will become the default settings of the generated MobaXterm application.
In this step, you can choose to set your own logo for the MobaXterm startup and about windows. Just select Browse and pick a picture from your computer.
In this step, you will have the possibility to pre-define MobaXterm sessions. For example you can add SSH sessions and organize these sessions in different folders. After MobaXterm generation, users will have access to these pre-defined sessions. Please note that no password can be stored in the customizer.
In this step, you will have the possibility to add plugins to your MobaXterm customized package. In order to get plugins, please visit http://mobaxterm.mobatek.net/plugins.html and download the requested plugin. Then just add it thanks to the Browse button. Note that plugins have the file extension MXT3.
This step is the last step of the Customizer. The build function allows you to generate your own MobaXterm copy which includes all the settings chosen in previous steps.
From this step you can generate an installation package (MSI file) by clicking on Generate MSI button. You have also the possibility to create a customized portable version, by clicking on the Portable exe button
Finally you also have the possibility to save your customization settings and export them to a file, using the Save Customization button. This will allow you to open it later, or to keep it in order to apply the same settings on any further update of MobaXterm.
We will discuss about using the customizer in order to secure MobaXterm for your company in another article.