Hello folks!
I know that this question is offtopic for this list, but maybe
someone has a clue nonetheless...
I'm trying to access my local X display (on a Gentoo Linux machine,
of course - am I now on topic? *G*) from a remote system (running
Solaris 10U4 on Sparc). I cannot use ssh to login to that machine.
To be somewhat secure, I tried to use xauth, but that doesn't
work....
What did I do?
On the local system, I did:
xauth extract xauth.key $DISPLAY:0.0
ftp $remote -> put xauth.key, in BINary mode
rlogin $remote
On $remote, I did:
export DISPLAY=$linux_box:0.0
xauth merge xauth.key
xterm
Result:
Xlib: connection to "lin000198:0.0" refused by server
Xlib: No protocol specified
xterm Xt error: Can't open display: lin000198:0.0
Hm. Why's that?
X is (of course) running on lin000198 and it's listening on
6000/tcp:
$ sudo netstat -tlpen | grep 6000
tcp 0 0 0.0.0.0:6000 0.0.0.0:*
LISTEN 0 9878 4489/X
Looks good, doesn't it? I'm also able to access the X server
on my local $linux_box, when I do on $linux_box:
xhost +$remote
But I don't want to do that, as xauth is the better, more secure
way.
On $linux_box I ran wireshark/tcpdump and had it capture the
traffic. When I run "xterm" on $remote, I see two packages with
the protocol type "X11". One going from $remote -> $linux_box
and one the other way (the answer). Content is pasted further
down below.
Does anyone know what I might have to tweak, so that xauth works?
I'm using xorg-server-1.4.0.90-r3, if that matters.
Thanks a lot! And sorry for being off topic.
No. Time Source Destination Protocol Info
10 0.860682 10.0.1.26 10.0.3.115 X11
Initial connection request
Frame 10 (66 bytes on wire, 66 bytes captured)
Arrival Time: Feb 7, 2008 07:54:28.331493000
[Time delta from previous captured frame: 0.000470000 seconds]
[Time delta from previous displayed frame: 0.000470000 seconds]
[Time since reference or first frame: 0.860682000 seconds]
Frame Number: 10
Frame Length: 66 bytes
Capture Length: 66 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:x11]
[Coloring Rule Name: TCP]
[Coloring Rule String: tcp]
Ethernet II, Src: 00:03:ba:0c:25:75 (00:03:ba:0c:25:75), Dst: 00:15:c5:59:04:9b
(00:15:c5:59:04:9b)
Destination: 00:15:c5:59:04:9b (00:15:c5:59:04:9b)
Address: 00:15:c5:59:04:9b (00:15:c5:59:04:9b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
Source: 00:03:ba:0c:25:75 (00:03:ba:0c:25:75)
Address: 00:03:ba:0c:25:75 (00:03:ba:0c:25:75)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.26 (10.0.1.26), Dst: 10.0.3.115 (10.0.3.115)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x31a2 (12706)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xf095 [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.26 (10.0.1.26)
Destination: 10.0.3.115 (10.0.3.115)
Transmission Control Protocol, Src Port: 59653 (59653), Dst Port: x11 (6000),
Seq: 1, Ack: 1, Len: 12
Source port: 59653 (59653)
Destination port: x11 (6000)
Sequence number: 1 (relative sequence number)
[Next sequence number: 13 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 49640
Checksum: 0xd155 [correct]
[Good Checksum: True]
[Bad Checksum: False]
X11, Request, Initial connection request
byte-order: 0x42 (Big-endian)
unused
protocol-major-version: 11
protocol-minor-version: 0
authorization-protocol-name-length: 0
authorization-protocol-data-length: 0
unused
0000 00 15 c5 59 04 9b 00 03 ba 0c 25 75 08 00 45 00 ...Y......%u..E.
0010 00 34 31 a2 40 00 40 06 f0 95 0a 00 01 1a 0a 00 [EMAIL
PROTECTED]@.........
0020 03 73 e9 05 17 70 67 32 07 fd a9 d9 a8 6b 50 18 .s...pg2.....kP.
0030 c1 e8 d1 55 00 00 42 00 00 0b 00 00 00 00 00 00 ...U..B.........
0040 00 00 ..
No. Time Source Destination Protocol Info
12 0.860837 10.0.3.115 10.0.1.26 X11
Initial connection reply
Frame 12 (86 bytes on wire, 86 bytes captured)
Arrival Time: Feb 7, 2008 07:54:28.331648000
[Time delta from previous captured frame: 0.000147000 seconds]
[Time delta from previous displayed frame: 0.000147000 seconds]
[Time since reference or first frame: 0.860837000 seconds]
Frame Number: 12
Frame Length: 86 bytes
Capture Length: 86 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:x11]
[Coloring Rule Name: TCP]
[Coloring Rule String: tcp]
Ethernet II, Src: 00:15:c5:59:04:9b (00:15:c5:59:04:9b), Dst: 00:03:ba:0c:25:75
(00:03:ba:0c:25:75)
Destination: 00:03:ba:0c:25:75 (00:03:ba:0c:25:75)
Address: 00:03:ba:0c:25:75 (00:03:ba:0c:25:75)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
Source: 00:15:c5:59:04:9b (00:15:c5:59:04:9b)
Address: 00:15:c5:59:04:9b (00:15:c5:59:04:9b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.3.115 (10.0.3.115), Dst: 10.0.1.26 (10.0.1.26)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 72
Identification: 0x5b70 (23408)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xc6b3 [correct]
[Good: True]
[Bad : False]
Source: 10.0.3.115 (10.0.3.115)
Destination: 10.0.1.26 (10.0.1.26)
Transmission Control Protocol, Src Port: x11 (6000), Dst Port: 59653 (59653),
Seq: 1, Ack: 13, Len: 32
Source port: x11 (6000)
Destination port: 59653 (59653)
Sequence number: 1 (relative sequence number)
[Next sequence number: 33 (relative sequence number)]
Acknowledgement number: 13 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5888 (scaled)
Checksum: 0x18c7 [incorrect, should be 0xbaee (maybe caused by "TCP
checksum offload"?)]
[Good Checksum: False]
[Bad Checksum: True]
X11, Reply, Initial connection reply
success: 0
length-of-reason: 22
protocol-major-version: 11
protocol-minor-version: 0
replylength: 6
reason: No protocol specified.
undecoded
0000 00 03 ba 0c 25 75 00 15 c5 59 04 9b 08 00 45 00 ....%u...Y....E.
0010 00 48 5b 70 40 00 40 06 c6 b3 0a 00 03 73 0a 00 [EMAIL
PROTECTED]@......s..
0020 01 1a 17 70 e9 05 a9 d9 a8 6b 67 32 08 09 50 18 ...p.....kg2..P.
0030 00 5c 18 c7 00 00 00 16 00 0b 00 00 00 06 4e 6f .\............No
0040 20 70 72 6f 74 6f 63 6f 6c 20 73 70 65 63 69 66 protocol specif
0050 69 65 64 0a e4 bf ied...
Michael
--
[email protected] mailing list
