Re: Cygwin/X Authentication Config Issue
BZAG yahoo.com> writes: > The other related factoid is that all of this still comes over on port 6000. > The fact that localhost:10 is used is neither here nor there as far as the > port > is concerned because the tunnel is already established before you logon. > Anyone who plays with firewall logs will know that if you toy with the display > number interactively on the remote server, > it generally causes the remote machine to spit out on port 6000+displaynumber. > This is NOT the case if you don't mess with the DISPLAY environment. > I spoke a bit too soon about the port. The tunnel controls the port completely, so port 6000 doesn't even show up in the firewall. This makes sense, too, because all of the packets are using the SSH tunnel which is controlled under its own port. The fact that a netstat -n on the remote machne shows port 6010 on the localhost address is only an established listening post and is not used. The real traffic is going through the sshd tunnel and port. And none of this is sing any of the standard mechanisms for port forwarding (I am not using them in PuTTY, for example), just in case anyone is wondering. I'm done I hope. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: Cygwin/X Authentication Config Issue
After ALOT of horsing around with this issue and trying to understand how all of this works, I finally zeroed in on my own problem which was, after all, documented somewhere. The issue is that the DISPLAY parameter CANNOT be set in any login shells on the remote X-client, EVEN IF IT IS THE SAME VALUE. If someone could actually explain this that would be great, because I've been trying to understand how this works for some time. My guess at it is this: Once the SSH tunnel is established, changing the DISPLAY environment via login script or interactively tries to bypass the tunnel and go its own way, even if the DISPLAY value is the same IP:displaynumber.screennumber as the one being used. To prove my point, ssh automatically sets DISPLAY to localhost:10.0 on the remote X-client, EVEN IF IT IS OVER THE NETWORK. This plays a bit of havoc with one's sensibilities, because localhost is normally the machine the interactive session is actually on. But because it is an SSH tunnel, the interactive session "remembers" that it is on your X-server's machine and NOT on your X-Client machine. So, the DISPLAY parameter that is actually IN your X-Client's environment is not REAL because of the tunnel, and setting it to the same value interactively actually DOES change it to the REAL localhost of your X-Client, thus destroying your connection to the tunnel. The big kicker for me is that I use PuTTY, and in the SSH-X11 section of PuTTY there are TWO entries. One is a check box for X11 Forwarding and the other is an X11 display location parameter. I had to REMOVE the "localhost:0" entry I had in the location parameter. I also tried "localhost:10" and that failed also. By deleting the entry altogether, the tunnel now works with PuTTY. The other related factoid is that all of this still comes over on port 6000. The fact that localhost:10 is used is neither here nor there as far as the port is concerned because the tunnel is already established before you logon. Anyone who plays with firewall logs will know that if you toy with the display number interactively on the remote server, it generally causes the remote machine to spit out on port 6000+displaynumber. This is NOT the case if you don't mess with the DISPLAY environment. KUDOS to the guys from MicroImages, because their X-server works without these difficulties, meaning it uses the DISPLAY parameter set on the X-Client to connect. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: update cygwin and now X wont start!
I believe Windows Firewall has a setting for applications. Some PC firewalls do (the one I have does), meaning if the executable changes you have to tell the firewall it's ok for it to go again. Even though your post indicates it is failing at startup, the error is reporting socket access issues, meaning the network and therefore involving the firewall. You should find a Windows Firewall icon in Control Panel. Try poking around in there. I can't help you more than that because I don't have any XP boxes around here, just W2K. But I would start by looking for an entry for Xwin. If WXP does what it's supposed to do, when the exe changes it should turn off access at the firewall. The idiotic thing is that it should ask you for permission to turn on again. Unfortunately, it's not starting up enough for you to get to the network to actually cause a popup request for access, and somehow the security features probably in the firewall are locking out socket access. One thing you CAN check, to see if it's the firewall, is turn off the firewall completely before you start xwin. If that doesn't work, my Windows paranoia is also telling me to say that you might want to reboot with the firewall OFF and try to start xwin when it comes back up, but you have to disable the service to shut it off completely. If you use another firewall like Symantec's, you have to fiddle with that instead, for example, because that would substitute itself for Windows Firewall. Just in case you don't do much with firewalls, it goes without saying that you should not turn off your firewall if you are on the internet. But it won't be so bad if you are behind a cable/DSL router that has a builtin firewall/NAT router, because that will protect you for the limited time you need to test. Otherwise, if you are on campus Res LAN, for example, don't do it! BZ. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: Cygwin/X Authentication Config Issue
BZAG yahoo.com> writes: Addendum: The X Server works locally using a local X Client xterm session. I only have issues when it has to go out to the network. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Cygwin/X Authentication Config Issue
I am trying to use a W2K laptop to run Cygwin/X but I keep getting a connection refused, xlib no protocol error when I try to run remote windows by SSH into BSD/Linux boxes. So I tried to setup Cygwin/X on my W2K PC, another box, which had a MI/X server. I have no problem with MI/X - I always get the displays. But on this W2K PC I have the same problem with Cygwin/X - and my PC firewall requests connection when the port 6000 packets come in - the xserver is refusing the connection. So it sounds like an authentication issue. Do I have to do something with xauth to get this working? -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
