View previous topic :: View next topic |
Author |
Message |
Dr_Smack n00b
Joined: 15 Jul 2004 Posts: 18
|
Posted: Wed Nov 10, 2004 12:35 am Post subject: X Forwarding no longer working |
|
|
X Forwarding via SSH no longer works after my morning emerges. This is the case on 2 of my boxes. When I try to run an X app remotely, I get this error:
Code: | Xlib: connection to "thanatos:0.0" refused by server
Xlib: No protocol specified
Error: Can't open display: thanatos:0.0
|
Everything was fine until I emerged/dispatch-conf'ed/closed my SSH session at work and opened one at home. All that I emerged today was:
Tue Nov 9 08:55:43 2004 >>> sys-libs/pam-0.77-r3
Tue Nov 9 08:59:49 2004 >>> x11-terms/xterm-196-r1
Tue Nov 9 10:34:56 2004 >>> net-fs/samba-3.0.8
Tue Nov 9 10:37:21 2004 >>> sys-apps/baselayout-1.11.6-r1
I'm guessing one of my config files got slightly wrong, but I think dispatch-conf only had me update 2 of them, all the others were auto updated. I just can't remember which 2 I changed, so I can't exactly revert those changes to see if it fixes my problem.
**EDIT**
I fixed my problem. I reverted 2 of the changes in /etc/security/pam_env.conf. Specifically, I commented out
Code: | REMOTEHOST DEFAULT= OVERRIDE=@{PAM_RHOST}
DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} |
|
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20411
|
Posted: Wed Nov 10, 2004 4:36 pm Post subject: |
|
|
Moved from Other Things Gentoo. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
jestrzcap n00b
Joined: 16 Apr 2002 Posts: 5
|
Posted: Thu Nov 11, 2004 12:40 am Post subject: Thanks |
|
|
This helped a bunch! You rock. _________________ "I have great faith in fools;
Self-confidence my friends call it."
--Edgar Allen Poe |
|
Back to top |
|
|
fzxdude n00b
Joined: 13 Jun 2004 Posts: 72
|
Posted: Thu Nov 11, 2004 1:24 am Post subject: |
|
|
excellent ... this fixed my prob too |
|
Back to top |
|
|
publius n00b
Joined: 21 Oct 2004 Posts: 13
|
Posted: Fri Nov 12, 2004 6:39 pm Post subject: |
|
|
I got to give a big thanks for this one too. I couldn't figure out for the life of me why X over ssh all of a sudden stopped working. The DISPLAY var wasn't getting set properly anymore but I couldn't figure out why. It was the change in pam_env.conf, the DISPLAY line, that did it. |
|
Back to top |
|
|
ramidh n00b
Joined: 16 Feb 2004 Posts: 31 Location: Grand Rapids, MI
|
Posted: Fri Nov 12, 2004 8:35 pm Post subject: |
|
|
This helped out. Thank you. _________________ In Linux we trust. |
|
Back to top |
|
|
fzxdude n00b
Joined: 13 Jun 2004 Posts: 72
|
Posted: Fri Nov 12, 2004 9:52 pm Post subject: |
|
|
I'm getting this when I try to login locally ... anyone else ?
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
xset: unable to open display ":0"
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
xset: unable to open display ":0"
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
xsetroot: unable to open display ':0'
startkde: Starting up...
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
ksplash: cannot connect to X server :0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
kded: cannot connect to X server :0
kded: ERROR: KUniqueApplication: Registering failed!
kded: ERROR: Communication problem with kded, it probably crashed.
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
kdeinit: Can't connect to the X Server.
kdeinit: Might not terminate at end of session.
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
kcminit: cannot connect to X server :0
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
knotify: cannot connect to X server :0
ERROR: KUniqueApplication: Registering failed!
ERROR: Communication problem with knotify, it probably crashed.
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
Xlib: connection to ":0.0" refused by server
Xlib: Protocol not supported by server
ksmserver: cannot connect to X server :0
startkde: Shutting down...
klauncher: Exiting on signal 1
startkde: Running shutdown scripts...
startkde: Done. |
|
Back to top |
|
|
ewan.paton Veteran
Joined: 29 Jul 2003 Posts: 1219 Location: glasgow, scotland
|
Posted: Sat Nov 13, 2004 2:15 am Post subject: |
|
|
thanks for the help, i thought i knew the unimportant files i could let go by, is there a reason this was done _________________ Giay tay nam | Giay nam cao cap | Giay luoi |
|
Back to top |
|
|
fzxdude n00b
Joined: 13 Jun 2004 Posts: 72
|
Posted: Sat Nov 13, 2004 11:15 am Post subject: |
|
|
just to document how I fixed my prob
rm ~/.Xauthority |
|
Back to top |
|
|
iulica n00b
Joined: 28 Jul 2004 Posts: 34
|
Posted: Sun Nov 14, 2004 2:09 pm Post subject: |
|
|
question is how this problem came into the "stable" pam package ? Has someone reported a bug about this ? I will do it if I don't find one. |
|
Back to top |
|
|
billshewman n00b
Joined: 29 Jul 2004 Posts: 14
|
Posted: Wed Nov 17, 2004 11:08 pm Post subject: |
|
|
I'm still having trouble.
With modifying pam_env.conf my DISPLAY parameter is set to something like 192.168.0.20:10.0.
If I make the changes suggested in this thread then DISPLAY is set to localhost:10.0
When using ssh, does it expect DISPLAY to be localhost, or the ip address of the remote X server? |
|
Back to top |
|
|
fzxdude n00b
Joined: 13 Jun 2004 Posts: 72
|
Posted: Thu Nov 18, 2004 1:37 am Post subject: |
|
|
mines always been localhost:10 with forwarding |
|
Back to top |
|
|
billshewman n00b
Joined: 29 Jul 2004 Posts: 14
|
Posted: Thu Nov 18, 2004 2:08 pm Post subject: |
|
|
fzxdude: thx. Everything is working for me now. I just needed to reset my cygwin X server. |
|
Back to top |
|
|
torklingberg Tux's lil' helper
Joined: 30 May 2004 Posts: 86
|
Posted: Sun Nov 28, 2004 7:30 pm Post subject: |
|
|
I had the same problem. Note that you have to restart your X server too.
Now I wonder: Why is the default setting in an obscure little /etc file screwing up X11 forwarding? Has this been filed in bugzilla? |
|
Back to top |
|
|
torklingberg Tux's lil' helper
Joined: 30 May 2004 Posts: 86
|
Posted: Sun Nov 28, 2004 7:56 pm Post subject: |
|
|
I found the a bug report here:
https://bugs.gentoo.org/show_bug.cgi?id=70585
It seems to be some big stuff with PAM developers saying it is supposed to work that way... What is this PAM crap anyway? |
|
Back to top |
|
|
meowsqueak Veteran
Joined: 26 Aug 2003 Posts: 1549 Location: New Zealand
|
Posted: Tue Nov 30, 2004 1:21 am Post subject: |
|
|
billshewman wrote: | When using ssh, does it expect DISPLAY to be localhost, or the ip address of the remote X server? |
SSH sets up an X server on the machine you SSH into. This is controlled by the Offset in sshd_config but is usually 10. So, there's an X server listening on localhost:10.1 and this forwards all X client commands to your X server on the machine you SSH'd from.
Additionally, I had this problem too, and commenting out those two lines in the PAM file (as mentioned in the OP) fixed it. |
|
Back to top |
|
|
MyWenis n00b
Joined: 11 Jun 2003 Posts: 3
|
Posted: Tue Dec 14, 2004 6:39 pm Post subject: |
|
|
Add another "thank you" to Dr_Smack for this thread
i'd be dead in the water without this board
|
|
Back to top |
|
|
spacemoth n00b
Joined: 23 Apr 2004 Posts: 31 Location: Canada
|
Posted: Wed Dec 15, 2004 7:19 pm Post subject: |
|
|
I have a similar issue, but I can't seem to resolve it the same way. When I try to run X-apps from a root console while logged in to kde as a 'regular' user, I get the following:
Code: |
chimera root # gtkdiskfree
Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified
(gtkdiskfree:8004): Gtk-WARNING **: cannot open display:
|
From /var/log/messages:
Code: |
Dec 15 11:13:25 chimera su[7548]: PAM pam_putenv: delete non-existent entry; REMOTEHOST
Dec 15 11:13:25 chimera PAM-env[7548]: Unknown PAM_ITEM: <XAUTHORITY>
Dec 15 11:13:25 chimera su[7548]: PAM pam_putenv: delete non-existent entry; XAUTHORITY
Dec 15 11:13:25 chimera su(pam_unix)[7548]: session opened for user root by user1(uid=1000)
Dec 15 11:13:25 chimera su[7548]: PAM pam_putenv: delete non-existent entry; REMOTEHOST
Dec 15 11:13:25 chimera PAM-env[7548]: Unknown PAM_ITEM: <XAUTHORITY>
Dec 15 11:13:25 chimera su[7548]: PAM pam_putenv: delete non-existent entry; XAUTHORITY
|
Any suggestions appreciated... |
|
Back to top |
|
|
hch n00b
Joined: 18 May 2004 Posts: 18 Location: Marseille/France
|
Posted: Tue Dec 21, 2004 3:41 pm Post subject: thanks so much, man! |
|
|
this cost me nearly an afternoon until i found your post! thanks alot!!! |
|
Back to top |
|
|
Swoosh Apprentice
Joined: 19 Sep 2004 Posts: 203
|
Posted: Sat Dec 25, 2004 9:54 pm Post subject: |
|
|
Thanks from me too!
I was wondering what had happened. |
|
Back to top |
|
|
heikole Tux's lil' helper
Joined: 04 Oct 2004 Posts: 148 Location: Berlin, Germany
|
Posted: Tue Dec 28, 2004 6:59 pm Post subject: |
|
|
spacemoth wrote: | I have a similar issue, but I can't seem to resolve it the same way. [...]
From /var/log/messages:
Code: |
Dec 15 11:13:25 chimera su[7548]: PAM pam_putenv: delete non-existent entry; REMOTEHOST
Dec 15 11:13:25 chimera PAM-env[7548]: Unknown PAM_ITEM: <XAUTHORITY>
[...]
|
Any suggestions appreciated... |
I had to comment out the two lines in pam_env.conf suggested before plus the XAUTHORITY line to make "ssh -X" work. |
|
Back to top |
|
|
Guybrush Tux's lil' helper
Joined: 06 Feb 2003 Posts: 99 Location: 48°27'N, 11°8'O
|
Posted: Wed Jan 05, 2005 10:54 am Post subject: |
|
|
Alternatively to commenting out lines in /etc/security/pam_env.conf I found
two alternative solutions (which at least work for me until now):
1.Disable the use of PAM for your ssh-server in /etc/ssh/sshd_config: UsePAM no (or commenting UsePAM yes out)
2. Change file /etc/pam.d/sshd
Code: | ...
password required pam_stack.so service=system-auth
session optional pam_xauth.so
session required pam_stack.so service=system-auth
|
Now I'm using the 2nd variant with simply adding "session optional pam_xauth.so" in the pam configuration file for sshd. |
|
Back to top |
|
|
flazz Guru
Joined: 22 Nov 2003 Posts: 496 Location: Florida
|
Posted: Wed Jan 12, 2005 4:15 pm Post subject: |
|
|
what are the drawbacks to not using pam (commenting the UsePAM option) as opposed to commenting out the 2 lines in the pam conf? |
|
Back to top |
|
|
derheld42 Tux's lil' helper
Joined: 31 Mar 2003 Posts: 97 Location: Washington, US
|
Posted: Sat Jan 15, 2005 10:24 pm Post subject: |
|
|
Argh... I assumed I had already set this.. I'm posting it just so others can double check their settings...
Make sure this is set!
/etc/ssh/sshd_config wrote: | ...
X11Forwarding yes
...
|
EDIT: I think this isn't strictly necessary... but it's convenient |
|
Back to top |
|
|
wrs4 Tux's lil' helper
Joined: 27 May 2003 Posts: 98 Location: Alexandria, VA
|
Posted: Sun Feb 06, 2005 7:19 pm Post subject: Same problem, solution looks like it may be different |
|
|
I have a laptop running Red Hat 9 and a tower running 2004.2 Gentoo. I can ssh from the laptop to the gentoo system and run gui commands (Eterm, for example) without problem. When I ssh from the tower to the laptop and try to run a gui command, I get something quite different:
Quote: |
xterm Xt error: Can't open display:
[1]+ Exit 1 xterm
|
I saw some commentary about /etc/security/pam_env.conf, but it appears that the files on the two systems are identical (I haven't diff'd them, but they report the exact same CVS header info):
Quote: |
# $Date: 2000/06/20 22:11:35 $
# $Author: agmorgan $
# $Id: pam_env.conf-example,v 1.1.1.1 2000/06/20 22:11:35 agmorgan Exp $
|
The /etc/ssh/ssh_config files are different (the gentoo one is nearly a year newer), but almost entirely commented out. The Red Hat one had
Code: |
Host *
ForwardX11 yes
|
at the end of it, so I added that t the gentoo one (which was entirely commented out). The /etc/ssh/sshd_config files also differ, with the gentoo one again being about a year newer. The Red Hat one had the following things uncommented:
SyslogFacility AUTHPRIV
X11Forwarding yes
Subsystem sftp /usr/libexec/openssh/sftp-server
The gentoo one had these uncommented:
Protocol 2
UsePAM yes
Subsystem sftp /usr/lib/misc/sftp-server
To the gentoo one, I also added
and restarted sshd (not that that should particularly matter when it appears to be ssh client that isn't working.
None of these changes seem to have fixed the problem. I know it isn't the Red Hat system because when I had Red Hat on the tower, this worked fine, and that system has not changed since then.
I'd also like to know how to su - as my user account rather than have to ssh in, but that's not related to the current problem. |
|
Back to top |
|
|
|