Hello,
The server : FreeBSD 7.0 (without screen) on which i install :
/usr/ports/x11/xauth
/usr/ports/x11-fonts/xorg-fonts
/usr/ports/x11/xhost
/usr/ports/x11/xdm
The configuration file on the server ssh /etc/ssh/sshd_config
AllowTcpForwarding yes
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
The configuration file for the client ssh /etc/ssh_config ( depends with
the client )
Host *
ForwardX11 yes
The client machine :
- WinXP with Cygwin+Package X ( application X work well ).
soit un powerbook sous MacOS X 10.4.11 ( application X work well with
XDarwin).
from one the client machine
ssh XX.XX.XX.XX -l user -X
export DISPLAY=localhost:10.0
xeyes &
X connection to localhost:10.0 broken (explicit kill or server shutdown).
so :
xauth list
xauth: creating new authority file /home/user/.Xauthority
No file /home/user/.Xauthority
xauth generate localhost:10.0 .
xauth: creating new authority file /home/user/.Xauthority
X connection to localhost:10.0 broken (explicit kill or server shutdown).
and 2 files
..Xauthority-c ( empty )
..Xauthority-l ( empty )
so i try another way :
xhost +localhost
X connection to localhost:10.0 broken (explicit kill or server shutdown).
su
xhost +localhost
X connection to localhost:10.0 broken (explicit kill or server shutdown).
I look in the log file, look for on the net and do not find my mistake.
Has anyone an idea ?
Thanks
Jeannot
|
|
0
|
|
|
|
Reply
|
 jeannot.lelapin (14)
|
3/5/2009 3:53:16 PM |
|
On Thu, 05 Mar 2009 16:53:16 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
> Hello,
....
> from one the client machine
> ssh XX.XX.XX.XX -l user -X
> export DISPLAY=localhost:10.0
Maybe I'm missing something, but ssh will set $DISPLAY correctly
for you, if it believes it has set it up properly.
> xeyes &
> X connection to localhost:10.0 broken (explicit kill or server shutdown).
....
> I look in the log file, look for on the net and do not find my mistake.
Which log file?
I think this is offtopic in comp.security.unix. But one thing you
definitely should do is run ssh in verbose mode: ssh -v ... and look at the
printouts as the server and client try to agree on what to do.
/Jorgen
--
// Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu
\X/ snipabacken.se> R'lyeh wgah'nagl fhtagn!
|
|
|
0
|
|
|
|
Reply
|
 Jorgen
|
3/5/2009 9:30:10 PM
|
|
Hello and thanks Jorgen,
Jorgen Grahn wrote:
> On Thu, 05 Mar 2009 16:53:16 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
>> Hello,
> ...
>> from one the client machine
>> ssh XX.XX.XX.XX -l user -X
>> export DISPLAY=localhost:10.0
>
> Maybe I'm missing something, but ssh will set $DISPLAY correctly
> for you, if it believes it has set it up properly.
But the DISPLAY is not at all set by ssh, so i decide it to export it.
>
>> xeyes &
>> X connection to localhost:10.0 broken (explicit kill or server shutdown).
> ...
>> I look in the log file, look for on the net and do not find my mistake.
>
> Which log file?
>
I dont' find the log file.
> I think this is offtopic in comp.security.unix. But one thing you
> definitely should do is run ssh in verbose mode: ssh -v ... and look at the
> printouts as the server and client try to agree on what to do.
I know that my subject is border line for this newsgroup.
I try ssh -vv and i do not find line like these :
debug2: x11_get_proto: /usr/bin/X11/xauth list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
So i am alone in the dark.
>
> /Jorgen
>
Sincerely,
Jeannot
|
|
|
0
|
|
|
|
Reply
|
Jeannot
|
3/5/2009 10:04:03 PM
|
|
On Thu, 05 Mar 2009 23:04:03 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
....
> Jorgen Grahn wrote:
>> On Thu, 05 Mar 2009 16:53:16 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
>>> Hello,
>> ...
>>> from one the client machine
>>> ssh XX.XX.XX.XX -l user -X
>>> export DISPLAY=localhost:10.0
>>
>> Maybe I'm missing something, but ssh will set $DISPLAY correctly
>> for you, if it believes it has set it up properly.
>
> But the DISPLAY is not at all set by ssh, so i decide it to export it.
That is a sure sign that ssh failed (somehow) to set up X11 forwarding.
It would not make sense if it *did* set it up, then decided not to
tell anyone its name. You are just guessing when you say localhost:10.0.
/Jorgen
--
// Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu
\X/ snipabacken.se> R'lyeh wgah'nagl fhtagn!
|
|
|
0
|
|
|
|
Reply
|
Jorgen
|
3/5/2009 10:41:13 PM
|
|
In article <slrngr0l2i.2c4.grahn+nntp@frailea.sa.invalid>,
Jorgen Grahn <grahn+nntp@snipabacken.se> wrote:
> On Thu, 05 Mar 2009 23:04:03 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr>
> wrote:
> ...
> > Jorgen Grahn wrote:
> >> On Thu, 05 Mar 2009 16:53:16 +0100, Jeannot Lelapin
> >> <jeannot.lelapin@free.fr> wrote:
> >>> Hello,
> >> ...
> >>> from one the client machine
> >>> ssh XX.XX.XX.XX -l user -X
> >>> export DISPLAY=localhost:10.0
> >>
> >> Maybe I'm missing something, but ssh will set $DISPLAY correctly
> >> for you, if it believes it has set it up properly.
> >
> > But the DISPLAY is not at all set by ssh, so i decide it to export it.
>
> That is a sure sign that ssh failed (somehow) to set up X11 forwarding.
> It would not make sense if it *did* set it up, then decided not to
> tell anyone its name. You are just guessing when you say localhost:10.0.
Maybe his .profile is setting the variable, overriding what ssh sets.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
|
|
|
0
|
|
|
|
Reply
|
Barry
|
3/6/2009 1:49:25 AM
|
|
On 2009-03-05, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
> Hello and thanks Jorgen,
>
>
> Jorgen Grahn wrote:
>> On Thu, 05 Mar 2009 16:53:16 +0100, Jeannot Lelapin <jeannot.lelapin@free.fr> wrote:
>>> Hello,
>> ...
>>> from one the client machine
>>> ssh XX.XX.XX.XX -l user -X
>>> export DISPLAY=localhost:10.0
>>
>> Maybe I'm missing something, but ssh will set $DISPLAY correctly
>> for you, if it believes it has set it up properly.
>
> But the DISPLAY is not at all set by ssh, so i decide it to export it.
There's your problem. For whatever reason, ssh is not setting up the
tunnelling. If it was, your DISPLAY variable would be set for you (and,
in fact, that's the only way you can be sure that the DISPLAY variable is
correct). Get rid of the export and work on solving the tunnelling problem.
Once it's solved, the DISPLAY variable will take care of itself.
--
Christopher Mattern
NOTICE
Thank you for noticing this new notice
Your noticing it has been noted
And will be reported to the authorities
|
|
|
0
|
|
|
|
Reply
|
Chris
|
3/6/2009 12:06:44 PM
|
|
Hello and thanks,
Error : DISPLAY is not define in the terminal i use ( terminal MacOs )
When i launch XDarwin on the Macos powerbook ( which runs XDarwin server
X ), echo $DISPLAY : :0.0
In the terminal Macos,
export DISPLAY=:0.0
cd
ssh FreeBSD.IP -l user -X -vv
==>>
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-nw91or4Uiv/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted
timeout 1200 2>/dev/null
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-nw91or4Uiv/xauthfile list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
There's no .Xauthority file
i deconnect
cd
xauth generate $DISPLAY .
xauth list display a correct line
ssh FreeBSD.IP -l user -X -vv
==>>
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-bTbDBMXOIH/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted
timeout 1200 2>/dev/null
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-bTbDBMXOIH/xauthfile list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
Now i'm connect on the FreeBSD.IP
echo $DISPLAY
localhost:10.0
Well Done !!
But
xeyes &
==>>
debug1: client_input_channel_open: ctype x11 rchan 2 win 65536 max 16384
debug1: client_request_x11: request from FreeBSD.IP 58277
debug2: fd 7 setting O_NONBLOCK
debug1: channel 1: new [x11]
debug1: confirm x11
$ debug2: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.
debug2: X11 rejected 1 i0/o0
debug2: channel 1: read failed
debug2: channel 1: close_read
debug2: channel 1: input open -> drain
debug2: channel 1: ibuf empty
debug2: channel 1: send eof
debug2: channel 1: input drain -> closed
debug2: channel 1: write failed
debug2: channel 1: close_write
debug2: channel 1: output open -> closed
debug2: X11 closed 1 i3/o3
debug2: channel 1: send close
debug2: channel 1: rcvd close
debug2: channel 1: is dead
debug2: channel 1: garbage collecting
debug1: channel 1: free: x11, nchannels 2
X connection to localhost:10.0 broken (explicit kill or server shutdown).
Any idea about this new error ?
Thanks again,
Jeannot
|
|
|
0
|
|
|
|
Reply
|
Jeannot
|
3/6/2009 1:19:37 PM
|
|
Hello and thanks,
now, i have new trouble :
In /etc/ssh/sshd_config on distant machine under FreeBSD, i write the
following line :
X11DisplayOffset 0
From my local machine under MacOSX :
ssh FreeBSD.IP -l user -X -vv
freezes
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-0ceBE6TVyS/xauthfile generate MIT-MAGIC-COOKIE-1 untrusted
timeout 1200 2>/dev/null
Control+C does not work, i can just just kill it with kill -9
In /etc/ssh/sshd_config on distant machine under FreeBSD, de la machine
distante (FreeBSD), i write the following line :
X11DisplayOffset 10
i can connect from my local machine under MacosX with :
ssh FreeBSD.IP -l user -X -vv
echo $DISPLAY
localhost:10.0
and a ~/.Xauthority coherent file is created
when looking for in ssh log information :
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-0ceBE6TVyS/xauthfile generate MIT-MAGIC-COOKIE-1 untrusted
timeout 1200 2>/dev/null
i cannot find the file /tmp/ssh-0ceBE6TVyS/xauthfile
with ssh FreeBSD.IP -l user -X -vvv, i find :
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
/tmp/ssh-gWMSeUy5lN/xauthfile generate MIT-MAGIC-COOKIE-1 untrusted
timeout 1200 2>/dev/null
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
debug1: Requesting X11 forwarding with authentication spoofing.
with ssh FreeBSD.IP -l user -Y -vvv, i find :
debug2: x11_get_proto: /usr/X11R6/bin/xauth list 2>/dev/null
Warning: No xauth data; using fake authentication data for X11 forwarding.
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
now on the remote machine under FreeBSD :
$ echo $DISPLAY
localhost:10.0
$ xeyes &
$ debug1: client_input_channel_open: ctype x11 rchan 2 win 65536 max 16384
debug1: client_request_x11: request from FreeBSD.AdressIP 65334
Could not find ':' in DISPLAY:
debug1: failure x11
X connection to localhost:10.0 broken (explicit kill or server shutdown).
I'm looking for this new error
Any idea ?
Jeannot
|
|
|
0
|
|
|
|
Reply
|
Jeannot
|
3/7/2009 3:16:45 PM
|
|
|
7 Replies
593 Views
(page loaded in 0.09 seconds)
Similiar Articles: ssh x11 forwarding - comp.security.unixHello, The server : FreeBSD 7.0 (without screen) on which i install : /usr/ports/x11/xauth /usr/ports/x11-fonts/xorg-fonts /usr/ports/x11/xhost ... ssh, X11 forwarding, xhost and setenv DISPLAY - comp.unix.solaris ...I know that ssh will happily tunnel X11 for me. But, when doing this for an X intensive application, it is annoyingly slow. Usable, but aggravati... X11 connection rejected because of wrong authentication - comp.sys ...I've run three different version of ssh (2.9, 3.5, and the latest) with the ... That might help with >finding out what's wrong, you know. ... ssh, X11 forwarding, xhost ... X Forwarding requirements - comp.unix.solarisssh x11 forwarding - comp.security.unix X Forwarding requirements - comp.unix.solaris batch mode - comp.soft-sys.matlab I am running matlab in batch mode under linux via ... batch mode - comp.soft-sys.matlabHi all, I am running matlab in batch mode under linux via ssh (without X11 forwarding). The call statement is something like this: matlab -nojvm ... ssh DISPLAY variable not set - comp.unix.solarisSetting Environment Variable for ssh ForwardX11 Session - comp ... ssh, X11 forwarding, xhost and setenv DISPLAY - comp.unix.solaris ..... is that you do not loose your ... Setting Environment Variable for ssh ForwardX11 Session - comp ...ssh DISPLAY variable not set - comp.unix.solaris Setting Environment Variable for ssh ForwardX11 Session - comp ... ssh, X11 forwarding, xhost and setenv DISPLAY - comp ... ssh tunelling X11 error - comp.unix.solarisssh x11 forwarding - comp.security.unix Hello and thanks, Error : DISPLAY is not define in the terminal i use ... I know that ssh will happily tunnel X11 for me. X11 connection rejected because of wrong authentication - comp ...ssh x11 forwarding - comp.security.unix X11 connection rejected because of wrong authentication. debug2: X11 rejected 1 i0/o0 debug2: channel 1: read failed debug2 ... putty connection manager - set title on your tab - comp.unix.shell ...ssh x11 forwarding - comp.security.unix putty connection manager - set title on your tab - comp.unix.shell ... ssh x11 forwarding - comp.security.unix putty connection ... X11 Forwarding using SSH - The Linux Documentation Project3. X11 Forwarding using SSH. As I have explained earlier, using XDMCP to display X across Internet is basically a no-no, due to it's lack of encryption across the ... X11 Forwarding over SSH using X-Deep/32 and PuTTYX11 Forwarding over SSH using X-Deep/32 and PuTTY . PC users may need access to graphical interfaces on remote Unix or Linux computers. Frequently, this is ... 7/21/2012 6:54:33 PM
|
Search |
Post Question |
Groups |
Stream |
About |
Register
0 followers. 