X11 forwarding through SSH: Can't open display
Hello, I am using FreeBSD 6.2 and I have been trying to get X11 forwarding through SSH to work. I've gotten to the point where the environment variable DISPLAY is set, but I get a Can't open display error when I attempt to run an X application. The remote server in question does not have an X server install. In /etc/ssh/ssh_config, I have the following lines: X11Forwarding yes AllowTcpForwarding yes UseLogin no When I first tried logging in with `ssh -Xvvv u...@host`, I got an error message stating that xauth could not be found. DISPLAY was not set and X11 was not forwarded. `sockstat -4 | grep sshd` didn't return any relevant entries. Looking at the strings of sshd, I noticed that it had a hard-coded path pointing to /usr/X11/bin/xauth, so I made a hard link from /usr/local/bin/xauth to /usr/X11/bin/xauth. Now, sshd can find xauth, and DISPLAY is properly set to localhost:10.0. sockstat shows: USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sshd 62372 7 tcp4 127.0.0.1:6010*:* However, running `xeyes` reports the error Error: Can't open display: localhost:10.0. Right now, `ssh -Xvvv u...@host` shows: debug2: x11_get_proto: /usr/bin/xauth -f /tmp/ssh-dd77LaQ9BG/xauthfile generate unix:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null Warning: untrusted X11 forwarding setup failed: xauth key data not generated Warning: No xauth data; using fake authentication data for X11 forwarding. debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 On the local end, I have tried connecting with PuTTY, ssh through Cygwin, and ssh on a Ubuntu system. I have also tried ssh -Y as well. Regards, sk89q ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: X11 forwarding through SSH: Can't open display
I meant sshd_config. Regards On Sun, Jan 25, 2009 at 10:02 PM, Peter Boosten pe...@boosten.org wrote: sk89q wrote: Hello, I am using FreeBSD 6.2 and I have been trying to get X11 forwarding through SSH to work. I've gotten to the point where the environment variable DISPLAY is set, but I get a Can't open display error when I attempt to run an X application. The remote server in question does not have an X server install. In /etc/ssh/ssh_config, I have the following lines: X11Forwarding yes AllowTcpForwarding yes UseLogin no Have a look at /etc/ssh/sshd_config of the remote server and restart sshd after modification. Peter -- http://www.boosten.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: X11 forwarding through SSH: Can't open display
On Mon, Jan 26, 2009 at 6:32 AM, Bill Moran wmo...@potentialtech.com wrote: In response to sk89q the.sk...@gmail.com: I meant sshd_config. Do you have the xauth package installed on the remote server? You don't need a full X install, but X11 forwarding won't work without xauth installed. Yes, I do (at least to my knowledge), but xauth is located at /usr/local/bin/xauth. sshd wasn't able to find xauth, so I made a hard link at /usr/X11/bin/xauth to /usr/local/bin/xauth. That fixed a can't-find-xauth error, and that's where I am now. On Sun, Jan 25, 2009 at 10:02 PM, Peter Boosten pe...@boosten.org wrote: sk89q wrote: Hello, I am using FreeBSD 6.2 and I have been trying to get X11 forwarding through SSH to work. I've gotten to the point where the environment variable DISPLAY is set, but I get a Can't open display error when I attempt to run an X application. The remote server in question does not have an X server install. In /etc/ssh/ssh_config, I have the following lines: X11Forwarding yes AllowTcpForwarding yes UseLogin no Have a look at /etc/ssh/sshd_config of the remote server and restart sshd after modification. Peter -- http://www.boosten.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: X11 forwarding through SSH: Can't open display
On Mon, Jan 26, 2009 at 9:21 AM, Chuck Robey chu...@telenix.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 sk89q wrote: On Mon, Jan 26, 2009 at 6:32 AM, Bill Moran wmo...@potentialtech.com wrote: In response to sk89q the.sk...@gmail.com: I meant sshd_config. Do you have the xauth package installed on the remote server? You don't need a full X install, but X11 forwarding won't work without xauth installed. Yes, I do (at least to my knowledge), but xauth is located at /usr/local/bin/xauth. sshd wasn't able to find xauth, so I made a hard link at /usr/X11/bin/xauth to /usr/local/bin/xauth. That fixed a can't-find-xauth error, and that's where I am now. I think a far more likely thing might be being missed here. Usually when I'm surprised when a new system refuses to allow me to remotely open X apps, it's not the problem of ssh, it's because X11, by default, doesn't open up the port 6000 IP socket to allow remotes to work. You can easily use netstat, to look for open sockets 6xxx range, opened by your X server. If you can't find it, then some part of your X installation is likely giving the -nolisten tcp commands when starting up the X server. I don't know how you open your X, so I couldn't directly tell you how to fix this. Being a bit more honest, the X server itself doesn't block the remote ports. It's all of the startup tools (like startx) which stick in the anti-remote prejudice. Giving the fact that it IS a security risk, I guess they're right, it just means that if you want remote operation, you need to tell X (via whatever startup method you use) to stop blocking the opening of that port 6000. Well, the good news is that it works now. The bad news is that I don't know why. I haven't made a change to anything (except change /etc/motd and restart sshd, which I had already previously done numerous times). Nothing else has been restarted. However, I can say that it was most likely an issue on the server, because now it works with PuTTY, ssh -X on Windows, and ssh -X on Ubuntu. Nevertheless, performance (over the Internet) is pretty bad... so I'll probably have to look into NX (even though the version of FreeNX in the ports system presently doesn't support amd64...). Thanks for everyone's help, sk89q ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org