| View previous topic :: View next topic |
| Author |
Message |
corrosif
Apprentice
Joined: 21 Dec 2003
Posts: 199
Location: France
|
 Posted: Mon Mar 08, 2004 10:57 pm Post subject: ssh -X returns "Can't open display: localhost:10.0" |
 |
|
Hi,
I am trying to get remote access from my machine with X through ssh.
Each time I launch a graphical application, I get the following:
| Quote: | corrosif@joshua corrosif $ ssh -X corrosif@joshua.org
Password:
Last login: Mon Mar 8 23:45:27 2004 from lns-p19-9-62-147-148-77.adsl.proxad.net
corrosif@joshua corrosif $ xclock
Error: Can't open display: localhost:10.0 |
Here is my /etc/ssh/sshd_config:
| Quote: | # $OpenBSD: sshd_config,v 1.68 2003/12/29 16:39:50 millert Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords'
UsePAM yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
PermitUserEnvironment yes
Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/lib/misc/sftp-server |
Here is my /etc/ssh/ssh_config:
| Quote: | # $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
Host *
ForwardAgent yes
ForwardX11 yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~ |
And finally the end of my /etc/X11/gdm/gdm.conf (might help sometimes):
| Quote: | # The chooser is what's displayed when a user wants an indirect XDMCP
# session
[chooser]
# Default image for hosts
DefaultHostImg=/usr/share/pixmaps/nohost.png
# Directory with host images, they are named by the hosts: host or host.png
HostImageDir=/usr/share/hosts/
# Time we scan for hosts (well only the time we tell the user we are
# scanning actually)
ScanTime=3
# A comma separated lists of hosts to automatically add (if they answer to
# a query of course). You can use this to reach hosts that broadcast cannot
# reach.
Hosts=
# Broadcast a query to get all hosts on the current network that answer
Broadcast=true
[debug]
# This will enable debugging into the syslog, usually not neccessary
# and it creates a LOT of spew of random stuff to the syslog. However it
# can be useful in determining when something is going very wrong.
Enable=false
[servers]
# These are the standard servers. You can add as many you want here
# and they will always be started. Each line must start with a unique
# number and that will be the display number of that server. Usually just
# the 0 server is used.
0=Standard
#1=Standard
# Note the VTAllocation and FirstVT keys on linux. Don't add any vt<number>
# arguments if VTAllocation is on, and set FirstVT to be the first vt
# available that your gettys don't grab (gettys are usually dumb and grab
# even a vt that has already been taken). Using 7 will work pretty much for
# all linux distributions. VTAllocation is not currently implemented on
# anything but linux since I don't own any non-linux systems. Feel free to
# send patches. X servers will just not get any extra arguments then.
#
#Note: If you want to run an X terminal you could add an X server such as this
#0=Terminal -query serverhostname
# or for a chooser (optionally serverhostname could be localhost)
#0=Terminal -indirect serverhostname
# Definition of the standard X server.
[server-Standard]
name=Standard server
#command=/usr/X11R6/bin/X -nolisten tcp -audit 0
command=/usr/X11R6/bin/X
flexible=true
# To use this server type you should add -query host or -indirect host
# to the command line
[server-Terminal]
name=Terminal server
# Add -terminate to make things behave more nicely
#command=/usr/X11R6/bin/X -nolisten tcp -audit 0 -terminate
command=/usr/X11R6/bin/X -terminate
# Make this not appear in the flexible servers (we need extra params
# anyway, and terminate would be bad for xdmcp)
flexible=false
# Not local, we do not handle the logins for this X server
handled=false |
Do you have any idea how to get rid of this annoying problem?
I have already searched in many forums, but haven't been able to find a real solution yet.
_________________
S'il n'y a pas de solution, alors il n'y a pas de problème (logique Shadok).
Last edited by corrosif on Mon Mar 08, 2004 11:39 pm; edited 4 times in total |
|
| Back to top |
|
 |
Voltago
Advocate
Joined: 02 Sep 2003
Posts: 2593
Location: userland
|
| Posted: Mon Mar 08, 2004 11:20 pm Post subject: |
|
|
Perhaps this will help you, it is from the extremely useful How to turn your box into a Xvnc Terminal Server thread:
| lines wrote: | 4) Change the xdm configuration so it listens to XDCMP request
open /etc/X11/xdm/xdm-config with your favorite editor.
Look at the last line : "DisplayManager.requestPort :0"
Comment it out by inserting a ! at the beginning of the line |
This has of course to be done on the X server machine. |
|
| Back to top |
|
|
corrosif
Apprentice
Joined: 21 Dec 2003
Posts: 199
Location: France
|
| Posted: Mon Mar 08, 2004 11:25 pm Post subject: |
|
|
I already had the following in my /etc/X11/xdm/xdm-config:
| Quote: | ! SECURITY: do not listen for XDMCP or Chooser requests
! Comment out this line if you want to manage X terminals with xdm
#DisplayManager.requestPort: 0 |
... so I think the problems remains somewhere else.
_________________
S'il n'y a pas de solution, alors il n'y a pas de problème (logique Shadok). |
|
| Back to top |
|
|
appetitus
Apprentice
Joined: 28 Sep 2003
Posts: 210
|
| Posted: Tue Mar 09, 2004 12:00 am Post subject: |
|
|
Some recent "emerge world" did this to me. Some file in /etc/ has gotten clobbered by an overzealous noob ebuild. God save us from the good intentioned short bus.
_________________
Being a Gentoo user means living in a house inhabited by a family of crazed carpenters. When you wake up, the house is different. Maybe there is a new turret, or some walls have moved, or perhaps someone has removed the floor under your bed. |
|
| Back to top |
|
|
corrosif
Apprentice
Joined: 21 Dec 2003
Posts: 199
Location: France
|
| Posted: Tue Mar 09, 2004 12:18 am Post subject: |
|
|
Well I had to reboot, and suddenly all is working very fine now!
I just get the following warning message when I quit an application such as xclock:
| Quote: | | Xlib: extension "RENDER" missing on display "localhost:10.0". |
Yet I can start many applications, I am just having a problem with Eclipse 3.0M7 starting fine for 3 seconds (I can see the whole interface), and then suddenly breaking with the following messages:
| Quote: | corrosif@joshua corrosif $ /opt/eclipse/eclipse
Xlib: extension "RENDER" missing on display "localhost:11.0".
The program '<unknown>' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadWindow (invalid Window parameter)'.
(Details: serial 14184 error_code 3 request_code 38 minor_code 0)
(Note to programmers: normally, X errors are reported asynchronously;
that is, you will receive the error a while after causing it.
To debug your program, run it with the --sync command line
option to change this behavior. You can then get a meaningful
backtrace from your debugger if you break on the gdk_x_error() function.)
Xlib: extension "RENDER" missing on display "localhost:11.0". |
_________________
S'il n'y a pas de solution, alors il n'y a pas de problème (logique Shadok). |
|
| Back to top |
|
|
littlefox
n00b
Joined: 23 Jul 2002
Posts: 6
|
| Posted: Fri Mar 12, 2004 5:24 pm Post subject: |
|
|
| set ForwardX11Trusted=yes or ssh -Y |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
