> I'm trying to run an application with export display via ssh tunnel.
> So,
> I connect from my client host (Ubuntu) to my server (RHELv5) with ssh
-
> X
> [EMAIL PROTECTED]
>
> If I try to run xclock, it works ; so, my export display works.
>
> Now I try to run an application that is java embedded, and it doesn't
> want to start, complaining about export display.
> If I try this application on a RHELv4 box, export display works !
>
> Can you see a configuration difference between RHELv4 and RHELv5 that
> could produce that issue ?? Could java been involved in ? How to deal
> with it ?
I've had this issue with Java before...
>From the ssh man page:
-X Enables X11 forwarding. This can also be specified on a
per-host
basis in a configuration file.
X11 forwarding should be enabled with caution. Users with
the
ability to bypass file permissions on the remote host (for
the
user's X authorization database) can access the local X11
display
through the forwarded connection. An attacker may then be
able
to perform activities such as keystroke monitoring.
For this reason, X11 forwarding is subjected to X11
SECURITY
extension restrictions by default. Please refer to the ssh
-Y
option and the ForwardX11Trusted directive in ssh_config(5)
for
more information.
-Y Enables trusted X11 forwarding. Trusted X11 forwardings
are not
subjected to the X11 SECURITY extension controls.
So I would check:
1) Does "ssh -Y" work for you?
2) What is the value of FowardX11Trusted in /etc/ssh/ssh_config?
--
Sam
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
