FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-21-2007, 11:18 AM
bill purvis
 
Default 7.04: X11 remote display problem

I'm still having no joy with getting anything to open a remote X11
window on my laptop since I changed to Ubuntu from Mandrake.

I'm using ssh to log in to my server (and yes I've tried using ssh -X
but that makes no difference). Once I'm logged in I try to start an
emacs window on the laptop:

server$ echo $DISPLAY
felix:0.0
server$ emacs &
server$ emacs: Cannot connect to X server felix:0.0.
Check the DISPLAY environment variable or use `-d'.
Also use the `xhost' program to verify that it is set to permit
connections from your machine.


[1]+ Exit 1 /usr/bin/emacs -geometry 80x48 -font 9x15

running 'xhost +' on the laptop (and yes, I know it's not that
secure, but I'm relying on the firewall on the server to prevent
anyone from outside logging in via X11)
says:

felix$ xhost +
access control disabled, clients can connect from any host
felix$

I've been looking in the /etc/X11 directory and found Xwrapper.config.
This states that Ubuntu has a security wrapper around the X server.
I have tried changing this from 'allowed_users=console' to
'allowed_users=anyone', ran 'dpkg-reconfigure x11-common'
and logged off and on again, but still no improvement.

Does anyone know anything about this security wrapper?

Bill
--
+---------------------------------------+
| Bill Purvis, Amateur Mathematician |
| email: bil@beeb.net |
| http://bil.members.beeb.net |
+---------------------------------------+

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2007, 11:43 AM
Smoot Carl-Mitchell
 
Default 7.04: X11 remote display problem

On Wed, 2007-11-21 at 12:18 +0000, bill purvis wrote:
> I'm still having no joy with getting anything to open a remote X11
> window on my laptop since I changed to Ubuntu from Mandrake.
>
> I'm using ssh to log in to my server (and yes I've tried using ssh -X
> but that makes no difference). Once I'm logged in I try to start an
> emacs window on the laptop:
>
> server$ echo $DISPLAY
> felix:0.0
> server$ emacs &
> server$ emacs: Cannot connect to X server felix:0.0.
> Check the DISPLAY environment variable or use `-d'.
> Also use the `xhost' program to verify that it is set to permit
> connections from your machine.

Turn on X11 port forwarding on your ssh client and server. The X session
will be port forwarded over the SSH connection which is a more secure
way to run X remotely. The relevant configuration files
are /etc/ssh/ssh_config and /etc/ssh/sshd_config.
--
Smoot Carl-Mitchell
System/Network Architect
email: smoot@tic.com
cell: +1 602 421 9005
home: +1 480 922 7313

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2007, 01:55 PM
bill purvis
 
Default 7.04: X11 remote display problem

On Wednesday 21 November 2007, Smoot Carl-Mitchell wrote:
> On Wed, 2007-11-21 at 12:18 +0000, bill purvis wrote:
> > I'm still having no joy with getting anything to open a remote X11
> > window on my laptop since I changed to Ubuntu from Mandrake.
> >
> > I'm using ssh to log in to my server (and yes I've tried using ssh -X
> > but that makes no difference). Once I'm logged in I try to start an
> > emacs window on the laptop:
> >
> > server$ echo $DISPLAY
> > felix:0.0
> > server$ emacs &
> > server$ emacs: Cannot connect to X server felix:0.0.
> > Check the DISPLAY environment variable or use `-d'.
> > Also use the `xhost' program to verify that it is set to permit
> > connections from your machine.
>
> Turn on X11 port forwarding on your ssh client and server. The X session
> will be port forwarded over the SSH connection which is a more secure
> way to run X remotely. The relevant configuration files
> are /etc/ssh/ssh_config and /etc/ssh/sshd_config.
> --
Smoot,
unless I'm mis-reading it this is turned on:

/etc/ssh/ssh_config (on felix)

# ForwardX11 no

and in any case, I tried it with -X option which is supposed to override
that and it still don't work.

Oh, and I've got

X11Forwarding yes

in /etc/ssh/sshd_config on both machines.

Bill
--
+---------------------------------------+
| Bill Purvis, Amateur Mathematician |
| email: bil@beeb.net |
| http://bil.members.beeb.net |
+---------------------------------------+

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2007, 03:01 PM
Leo Cacciari
 
Default 7.04: X11 remote display problem

Il giorno mer, 21/11/2007 alle 14.55 +0000, bill purvis ha scritto:
> Smoot,
> unless I'm mis-reading it this is turned on:
>
> /etc/ssh/ssh_config (on felix)
>
> # ForwardX11 no
You misread If the value commented out in the default configuration
file is (normally) the default value.
Try using option -X (Capital X) to ssh, this will enable ssh port
forwarding for X even if is disabled in /etc/ssh_config. Of course, it
still must be enabled in sshd_conf on the server machine.

If this does not work, try running ssh in debug mode and see what it
says...

--
Leo "TheHobbit" Cacciari

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2007, 04:09 PM
bill purvis
 
Default 7.04: X11 remote display problem

On Wednesday 21 November 2007, you wrote:
> Il giorno mer, 21/11/2007 alle 14.55 +0000, bill purvis ha scritto:
> > Smoot,
> > unless I'm mis-reading it this is turned on:
> >
> > /etc/ssh/ssh_config (on felix)
> >
> > # ForwardX11 no
>
> You misread If the value commented out in the default configuration
> file is (normally) the default value.
> Try using option -X (Capital X) to ssh, this will enable ssh port
> forwarding for X even if is disabled in /etc/ssh_config. Of course, it
> still must be enabled in sshd_conf on the server machine.
>
> If this does not work, try running ssh in debug mode and see what it
> says...
Leo,
You didn't read all my message - I had already tried the -X option with no
joy. And all the config files I've dealt with don't follow your convention -
they usually provide ability to switch by simply commenting or uncommenting
the line.

However,
I did try changing the ssh_config file to read

ForwardX11 yes

but still no joy.
I have tried using the debug option (-vv)
and got the following. Note that the IP addresses are private to my network
so I don't think this reveals much to any outside hackers.

Felix is the laptop, bohuslav is the server...

---------------------------------------------------------------------
felix ~$ ssh -vv bohuslav
OpenSSH_4.3p2 Debian-8ubuntu1, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to bohuslav [192.168.0.154] port 22.
debug1: Connection established.
debug1: identity file /home/bill/.ssh/identity type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/bill/.ssh/id_rsa type 1
debug1: identity file /home/bill/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-8ubuntu1
debug2: fd 3 setting O_NONBLOCK
debug1: An invalid name was supplied
Configuration file does not specify default realm

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: An invalid name was supplied
Configuration file does not specify default realm

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'bohuslav' is known and matches the RSA host key.
debug1: Found key in /home/bill/.ssh/known_hosts:2
debug2: bits set: 519/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/bill/.ssh/identity ((nil))
debug2: key: /home/bill/.ssh/id_rsa (0x80054500)
debug2: key: /home/bill/.ssh/id_dsa ((nil))
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/bill/.ssh/identity
debug1: Offering public key: /home/bill/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug2: input_userauth_pk_ok: fp
<rsa key edited out, just in case>8-)
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: x11_get_proto: /usr/bin/X11/xauth list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 0
debug1: Sending environment.
debug1: Sending env LC_COLLATE = C
debug2: channel 0: request env confirm 0
debug1: Sending env LANG = C
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
Last login: Wed Nov 21 16:46:31 2007 from felix.billp.org
bohuslav bill$ emacs &
[1] 20965
bohuslav bill$ emacs: Cannot connect to X server felix:0.0.
Check the DISPLAY environment variable or use `-d'.
Also use the `xhost' program to verify that it is set to permit
connections from your machine.


[1]+ Exit 1 /usr/bin/emacs -geometry 80x48 -font 9x15
bohuslav bill$

That all looks OK to me apart from a couple of validation errors, which
don't convey much to me, and of course the failure of emacs to make a
connection. Since there is no indication of what the invalid name was
I can't see how to fix that.

Bill
--
+---------------------------------------+
| Bill Purvis, Amateur Mathematician |
| email: bil@beeb.net |
| http://bil.members.beeb.net |
+---------------------------------------+

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2007, 09:51 PM
bill purvis
 
Default 7.04: X11 remote display problem

Still clutching at straws - I decided to check if I could still use ssh
from the server to get back to the laptop:

(this is in an ssh session from felix->bohuslav)

bohuslav $ ssh felix
Warning: No xauth data; using fake authentication data for X11 forwarding.
Linux felix 2.6.20-16-generic #2 SMP Sun Sep 23 19:50:39 UTC 2007 i686
Last login: Wed Nov 21 20:59:31 2007 from bohuslav
felix $

That works fine, though I'm not too sure about the Warning: message.
Could this have any relevance to my problems?

Bill
--
+---------------------------------------+
| Bill Purvis, Amateur Mathematician |
| email: bil@beeb.net |
| http://bil.members.beeb.net |
+---------------------------------------+

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2007, 12:54 PM
Joachim Schrod
 
Default 7.04: X11 remote display problem

bill purvis wrote:
> I'm still having no joy with getting anything to open a remote X11
> window on my laptop since I changed to Ubuntu from Mandrake.
>
> I'm using ssh to log in to my server (and yes I've tried using ssh -X
> but that makes no difference). Once I'm logged in I try to start an
> emacs window on the laptop:
>
> server$ echo $DISPLAY
> felix:0.0

Something in your profile sets $DISPLAY; this is *not* the DISPLAY
tunnel from ssh. ssh starts to use displays 10 and following on the
local host; i.e., $DISPLAY should be localhost:10.0 or similar.

With your current setting, your trying to really connect to your X
server on felix, not via the ssh tunnel, but directly. (As you said
yourself in your original post -- I can't say how you can configure
the X wrapper, sorry.) You might want to remove that DISPLAY env
var setting and use the ssh X11 forwarding at first.

But, if you discover how one configures the X wrapper to allow
remote connections, make sure to post it, so others can find it in
the list archives.

Cheers,
Joachim

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: jschrod@acm.org
Roedermark, Germany


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2007, 06:21 PM
bill purvis
 
Default 7.04: X11 remote display problem

On Friday 23 November 2007, Joachim Schrod wrote:
> bill purvis wrote:
> > I'm still having no joy with getting anything to open a remote X11
> > window on my laptop since I changed to Ubuntu from Mandrake.
> >
> > I'm using ssh to log in to my server (and yes I've tried using ssh -X
> > but that makes no difference). Once I'm logged in I try to start an
> > emacs window on the laptop:
> >
> > server$ echo $DISPLAY
> > felix:0.0
>
> Something in your profile sets $DISPLAY; this is *not* the DISPLAY
> tunnel from ssh. ssh starts to use displays 10 and following on the
> local host; i.e., $DISPLAY should be localhost:10.0 or similar.
>
At last ! I used to set DISPLAY in my .bashrc on the server.
Always worked for me in the past. Removing that solved the
problem.

Many thanks - I knew someone would come up with the solution....

Bill
--
+---------------------------------------+
| Bill Purvis, Amateur Mathematician |
| email: bil@beeb.net |
| http://bil.members.beeb.net |
+---------------------------------------+

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2007, 08:41 PM
Smoot Carl-Mitchell
 
Default 7.04: X11 remote display problem

On Wed, 2007-11-21 at 17:09 +0000, bill purvis wrote:

> bohuslav bill$ emacs &
> [1] 20965
> bohuslav bill$ emacs: Cannot connect to X server felix:0.0.
> Check the DISPLAY environment variable or use `-d'.
> Also use the `xhost' program to verify that it is set to permit
> connections from your machine.

This is odd. It looks like X11 forwarding is working from your debug
output, but it appears the DISPLAY environment variable is getting set
to felix:0.0. It should be something like localhost:10.0. Are you sure
you are not setting DISPLAY in your shell startup script?
--
Smoot Carl-Mitchell
System/Network Architect
email: smoot@tic.com
cell: +1 602 421 9005
home: +1 480 922 7313

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 05:07 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org