OneAndOneIs2

Fri, Apr 20, 2007

Hacking Linux through firewalls

• Post categories: Omni, FOSS, Technology, My Life

And make no mistake, this *is* a crude and ugly hack with "getting it working" as the single priority, and things like "Doing it properly" and "Doing it efficiently" being left on the "ToDo" list.

With that said, this is how I'm able to run my Linux apps on any Windows desktop, regardless of firewalls. All it takes is a web connection and a USB drive.

First off, you'll need a Linux PC with a known IP address. So a static IP is helpful, but not necessarily vital. Broadband is a necessity, as X11 forwarding over the web via SSH is dog-slow anyway. Ideally, have your PC behind a router, not directly connected.

Go into your router's admin utility, usually a web-based interface, and set up port forwarding. You want all traffic to your router's port 443 to be forwarded to your PC's port 22.

Port 443 is the port used for secure web traffic: Any time your Firefox address bar goes yellow and the URL starts with "https" you're using this port. Security is provided by encryption, and luckily enough, encrypted web content looks exactly the same as encrypted SSH traffic. So pretty much any firewall will allow traffic through on port 443.

But port 443 isn't where SSH runs by default, so rather than hacking the config files, we just have the router redirect the traffic to a different port. The advantage here is if you multi-boot, you don't need to change your SSH configs everywhere.
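The trick above depends on the firewall filtering by port number only. A device that inspects the first bytes of a connection can still tell the two protocols apart, because an SSH client opens with a cleartext identification string (RFC 4253) while a TLS client opens with a handshake record. The following is an added example, not code from the original post, and its sample flows and addresses are constructed:

```python
import struct

# Constructed sample data, not captured traffic. The TLS sample has a
# consistent record and handshake header with a zero-filled body.
SSH_HELLO = b"SSH-2.0-PuTTY_Release_0.60\r\n"
TLS_HELLO = bytes.fromhex("160301002f" "0100002b" "0303") + b"\x00" * 41
FLOWS = [
    ("10.0.0.5", 443, TLS_HELLO),
    ("10.0.0.7", 443, SSH_HELLO),
    ("10.0.0.9", 22, SSH_HELLO),
]


def classify_first_bytes(data: bytes) -> str:
    """Label the first client-to-server bytes of a TCP stream."""
    # RFC 4253 section 4.2: the client opens with a cleartext "SSH-..." line.
    if data.startswith(b"SSH-"):
        return "ssh"
    # TLS record header: content type, version (2 bytes), length (2 bytes).
    # A new session starts with a handshake record (0x16) that carries a
    # ClientHello (handshake type 0x01).
    if len(data) >= 6:
        rec_type, major, minor, length = struct.unpack("!BBBH", data[:5])
        if (rec_type == 0x16 and major == 3 and minor <= 4
                and 0 < length <= 16384 and data[5] == 1):
            return "tls"
    return "unknown"


def ssh_on_https_port(flows, port=443):
    """Return source addresses whose traffic to `port` is SSH rather than TLS."""
    return [src for src, dport, first in flows
            if dport == port and classify_first_bytes(first) == "ssh"]


if __name__ == "__main__":
    for src in ssh_on_https_port(FLOWS):
        print(f"{src}: SSH identification string seen on port 443")
```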

Speaking of which, you'll need to make sure you have SSH installed and working on your Linux PC. Whilst you're at it, install a proxy as well - I used squid. You need to set squid to allow you to connect, which in my Ubuntu system meant editing /etc/squid/squid.conf and adding the line http_access allow all - this should be safe if you're behind a router and/or have a decent firewall set up, but I make no guarantees. If you don't understand what this command does, don't use it.
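The PuTTY tunnel configured further down forwards to localhost:3128 on the home PC, so squid sees tunnelled requests arriving from the loopback address and does not need to accept anyone else. The following audit is an added example, not part of the original post; both squid.conf fragments are constructed, and the ACL name "localhost" is an assumption about the local config:

```python
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "[::1]"}

# Constructed squid.conf fragments for illustration.
AS_IN_POST = """\
http_port 3128
http_access allow all
"""
LOOPBACK_ONLY = """\
http_port 127.0.0.1:3128
# The ACL name "localhost" is an assumption; use the one your config defines.
acl localhost src 127.0.0.1/32
http_access allow localhost
http_access deny all
"""


def directives(text):
    """Yield each directive as a list of tokens, skipping comments and blanks."""
    for line in text.splitlines():
        tokens = line.split("#", 1)[0].split()
        if tokens:
            yield tokens


def audit_squid(text):
    """Return findings for a squid.conf that only has to serve an SSH tunnel."""
    findings = []
    first_catch_all = None
    for name, *args in directives(text):
        if name == "http_port" and args:
            # "3128" has no host part, which means every interface.
            host = args[0].rpartition(":")[0]
            if host not in LOOPBACK_HOSTS:
                findings.append(f"http_port {args[0]}: listens beyond loopback")
        elif (name == "http_access" and first_catch_all is None
                and args[1:] == ["all"]):
            first_catch_all = args[0]
    # http_access rules are checked top-down and the first match decides.
    if first_catch_all == "allow":
        findings.append("http_access allow all: any client reaching the port may use the proxy")
    return findings


if __name__ == "__main__":
    for label, conf in (("as in post", AS_IN_POST), ("loopback only", LOOPBACK_ONLY)):
        print(label, audit_squid(conf) or "no findings")
```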

Whilst you're busy with config files anyway, make sure /etc/ssh/sshd_config has X11Forwarding set to "yes".

Start up squid and ssh, and you're pretty much done here. Now you need to head to your Windows machine with your USB stick. You've got some downloading to do.

Go to Portable Apps and get hold of the portable versions of Firefox and Putty. Install both to your USB drive.

Now you need something that can run an X11 session on Windows. Xming is apparently good for this, but I already had, and so used, Cygwin. Either should work, and they have good installation guides to get your X session up and running.

Start up putty, and get busy. You need to enter:

  • In the session screen:
    Your home IP address
    Port 443
  • In the Connection -> Data screen:
    Your home username
  • In the Connection -> Proxy screen:
    If the place you're connecting from uses a proxy server, you'll need to fill in the details here. Assuming the local IE is set up to access the web, go to Tools, Internet Options, Connections, LAN Settings, Proxy Server. Copy the details from here into Putty.
  • In the Connection -> SSH -> X11 screen:
    Tick the "Enable X11 forwarding" box
  • In the Connection -> SSH -> Tunnels screen:
    Add new forwarded port
    Source port: 3128
    Destination: localhost:3128
    And click "Add"
  • Go back to Session, enter a name in the "Saved Sessions" box, and click "Save"

Putty should now be configured properly: Click "Open" and you should get asked for your password. Give it, and you should get a command-line at your home PC. Wasn't that fun?

Now fire up your portable Firefox. If you're behind a proxy, you'll need the settings you got from IE again. Tools - Options - Advanced - Network - Connection - Settings. Fill in the blanks and you should now be online.

Go grab the "SwitchProxy" extension from the website. Create options to use: the proxy you're behind right now; no proxy at all; and the proxy "localhost" port "3128"

Switch to using the last of these. So long as your SSH connection is open, you should be able to use this proxy. The main advantage of using Firefox like this is that your browsing is invisible to the computer you're on right now, so if you're using, e.g. a public WiFi spot, you know that nobody can snoop on you. The web is being browsed from your home PC, and uploaded through the encrypted SSH connection to your current PC.

Now for the coup de grace - start up your X11 session. If it's cygwin:

  • Run cygwin
  • At the shell prompt, run startxwin.bat
  • An Xterm will open. Enter "xhost +" - it should tell you access control disabled, clients can connect from any host and a black X will appear in your system tray
  • Exit both shell prompts, the X should remain in your tray.
  • Return to your Putty session, and tell it to run an X command, such as xclock
  • Xclock should pop-up on your desktop. Woo!
  • Be really adventurous now, and run Firefox. This will show you just how impressive, AND how slow, SSH X11 forwarding can be. Eventually, you'll have a full Firefox session visible on your screen. Cool, isn't it?

And that's pretty much that. There are much better guides around than this one, and they'll tell you how to do this in much securer ways than just setting everything to "Allow all" and trusting to luck. But they'll be much more technical :o)

4 comments

Comment from: Hari [Member] · http://harishankar.org/blog/
You could also probably use something like DynDNS to get a host name for your home PC.

Of course that might make it even slower, because of the DNS lookup...

Static IPs are nice, but not all ISPs provide them. Even Dynamic IPs which don't change often are good enough though.
20/04/07 @ 17:45

Comment from: John G [Visitor] · http://Just a surfer
Gee Willikers! I think I'd rather ditch windows altogether, and come to think of it, one down and one to go.
21/04/07 @ 00:45

Comment from: Andrew [Visitor]
By the way, I'd consider this using technology to its fullest rather than hacking :P
01/05/07 @ 23:56

Comment from: WillieWonka [Visitor]
*cough* silenceisdefeat.org *cough*
27/02/08 @ 21:23
