You are not logged in.
Hi. I am trying to do something which should be rather easy, but by now I have spent hours on it and am very confused. I would like to set up sshd so that I can type:
michael@gilgamesh ~$ ssh -X michael@ellez
michael@192.168.1.100's password:
[michael@ellez ~]$ xeyes
and have the program xeyes load on my computer. Both machines (gilgamesh and ellez, client and server) are running ArchLinux and have the same version of OpenSSH.
[michael@ellez ~]$ ssh -V
OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007
michael@gilgamesh ~$ ssh -V
OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007
However, when I try to run xeyes I get:
[michael@ellez ~]$ xeyes
Error: Can't open display: localhost:10.0
I am quite convinced that this is not a client problem, because I can ssh -X into a university machine and X11 programs open just fine. Moreover, I set up sshd on the client (ellez) and I can run the following successfully:
michael@gilgamesh ~$ ssh -X localhost
michael@localhost's password:
michael@gilgamesh ~$ xeyes
To make the problem more confusing, /etc/ssh/sshd_config is the same on both machines. I will show the uncommented lines below:
ListenAddress 0.0.0.0
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
X11DisplayOffset 10
Subsystem sftp /usr/lib/ssh/sftp-server
Can anyone think of something else that may be causing the problem? Unfortunately, I cannot look at the /etc/ssh/sshd_config on the university machine.
Offline
Aaah! I've reinstalled OpenSSH but it didn't solve anything. I feel that this problem must be due to some security setting elsewhere or another program, but I don't know where to look.
DAEMONS=(syslog-ng netfs @crond dbus hal gdm @cpufreq @wicd portmap nfslock @nfsd @sshd @samba alsa @autofs mpd)
It also does not work if I run 'xhost +' on the client and then change the DISPLAY variable.
[michael@ellez ~]$ export DISPLAY=192.168.1.106:0.0
[michael@ellez ~]$ xeyes
Error: Can't open display: 192.168.1.106:0.0
Offline
michael@gilgamesh ~$ ssh -Y michael@ellez
doesn't work either?
Offline
You have to enable one computer to export GUI programs on the other's display. Look for the man page of xhosts. If I am correct, you would do smth. like this on ellez to be able to run X programs from gilgamesh (as root, of course):
# xhosts +gilgamesh
You could of course do
# xhosts +
therefore allowing everybody to access your display, but that IS a bad ideea, as far as security is concerned.
Offline
I tried this yesterday with no success. I will try it again when I get home, but I don't think this is the solution. If I use my roommates computer, I can ssh -X into ellez without running xhost + on either machine--and X forwarding works.
Offline
Her i can forward X only with -Y flag...lol
So ssh -Y and so on...ssh -X never worked for me.
Have you ever tried it?
Offline
In my sshd_config file I have also:
AllowTcpForwarding yes
Try to add/uncomment it and then try to log in with:
$ ssh -Y -l user server
Offline
Arch has /etc/X11/xinit/xserverrc contain "exec /usr/bin/X -nolisten tcp" and this prevents remote X11 connections. I've changed mine to "exec /usr/bin/X ###-nolisten tcp" which comments out the -nolisten argument. You will have to restart X for this to take effect. Then you still need some xhost magic to get what you want to work.
Offline
In my sshd_config file I have also:
AllowTcpForwarding yesTry to add/uncomment it and then try to log in with:
$ ssh -Y -l user server
This did not work ;-(
Offline
Arch has /etc/X11/xinit/xserverrc contain "exec /usr/bin/X -nolisten tcp" and this prevents remote X11 connections. I've changed mine to "exec /usr/bin/X ###-nolisten tcp" which comments out the -nolisten argument. You will have to restart X for this to take effect. Then you still need some xhost magic to get what you want to work.
This also did not work. I did try running 'xhost +' on the client machine.
Offline