| View previous topic :: View next topic |
| Author |
Message |
rajl
Apprentice
Joined: 25 Sep 2002
Posts: 287
|
 Posted: Mon Mar 10, 2003 5:59 pm Post subject: ssh and X11 error, need help |
 |
|
I had setup ssh to work with X11 forwarding, but it has suddenly stopped working and I don't know why. Where as it used to work, after a severed network connection while logged in, whenever I try to use X over ssh, I get the following error message:
| Code: |
johnlyon@lyon johnlyon $ emacs
emacs: Cannot connect to X server localhost:10.0.
Check the DISPLAY environment variable or use `-d'.
Also use the `xhost' program to verify that it is set to permit
connections from your machine.
|
I've tried all the basic trouble shooting like restarting sshd, rebooting the computer, checking to make sure I have localhost set in my hosts file (I do). But I'm drawing blanks because I'm not fully familiar with administering ssh yet. Here is my sshd_config file it it will help:
| Code: |
# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
#LoginGraceTime 120
PermitRootLogin no
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#AFSTokenPassing no
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no
# override default of no subsystems
Subsystem sftp /usr/lib/misc/sftp-server
|
Does anyone have any ideas as to what I should do to fix the problem? Any and all help would be appreciated. I really do need to be able to use X11 over ssh.
_________________
-Rajl
-----------------------------------------------------------
It's easy to be brave once you consider the alternatives. |
|
| Back to top |
|
 |
easykill
Apprentice
Joined: 07 Dec 2002
Posts: 230
|
| Posted: Tue Mar 11, 2003 7:29 pm Post subject: |
|
|
try this
DISPLAY=":0" emacs
if that doesn't work, type
echo $DISPLAY
and post what it shows
it seemed to be trying to open a weird display |
|
| Back to top |
|
|
rajl
Apprentice
Joined: 25 Sep 2002
Posts: 287
|
| Posted: Tue Mar 11, 2003 10:33 pm Post subject: |
|
|
i tried as you reccommended and typed $DISPLAY=":0" emacs
I didn't get an error message, but the program didn't pop up on my ssh forwared connection. Then did an echo $DISPLAY and got the following:
localhost:10.0
As I said, it used to work perfectly, but now it hasn't since last week when my connection was severed abruptly. Hopefully you can give me some other advice.
_________________
-Rajl
-----------------------------------------------------------
It's easy to be brave once you consider the alternatives. |
|
| Back to top |
|
|
rajl
Apprentice
Joined: 25 Sep 2002
Posts: 287
|
| Posted: Thu Mar 13, 2003 4:12 pm Post subject: |
|
|
With this new information, is there anyone out there who can help me?
_________________
-Rajl
-----------------------------------------------------------
It's easy to be brave once you consider the alternatives. |
|
| Back to top |
|
|
DaSH
n00b
Joined: 12 Mar 2003
Posts: 30
|
| Posted: Thu Mar 13, 2003 4:24 pm Post subject: |
|
|
| may be you need to type 'xhost +' on your comp... |
|
| Back to top |
|
|
dpryden
n00b
Joined: 12 Sep 2002
Posts: 43
|
| Posted: Fri Mar 14, 2003 5:46 am Post subject: |
|
|
What happens if you try ssh -X? That tells ssh to set up a second tunnel expressly for the X11 protocol, and ssh is nice enough to set your DISPLAY variable for you automatically.
If ssh -X works, and setting $DISPLAY manually doesn't, there may be a firewall issue between the boxes, or you may have started X with the --nolisten switch. (Which is, actually, a good idea, since tunneling through ssh is more secure.)
_________________
"Anything is better than IE, and you can quote me on that." -- Wil Wheaton |
|
| Back to top |
|
|
jana
n00b
Joined: 23 Oct 2002
Posts: 24
Location: Blacksburg, VA
|
| Posted: Thu Apr 03, 2003 4:27 pm Post subject: any new ideas? |
|
|
I'm having the same problem. I've tried the solutions offered above...
Since I'm using DHCP my /etc/hosts file only includes
***
127.0.0.1 rosencrantz
***
(that is, my localhost name is coded in explicitly)
Do I need anything else? I wouldn't think so, since my problem still exists for local programs, but I thought I'd throw the idea out there...
thanks,
- j
_________________
"That does not make sense to me. But, you are very small." |
|
| Back to top |
|
|
bLanark
Apprentice
Joined: 27 Aug 2002
Posts: 181
Location: Royal Berkshire, UK
|
| Posted: Thu Apr 03, 2003 8:09 pm Post subject: Try again |
|
|
| Quote: | | may be you need to type 'xhost +' on your comp... |
I think that's it. Before you ssh to the other system (OK, it doesn't have to be before, but this is easier to explain than two terminals and which prompt is on which system) type "xhost +" and you'll get a message like:
| Code: | | access control disabled, clients can connect from any host |
. THEN you ssh to the remote system.
(ssh IS forwarding X, otherwise your DISPLAY would not be localhost:10)
The only other thing I can think of is that X might *not* be listening to TCP, which is a recommend setting for security. You might find a -nolisten tcp or something flag somewhere in the config (sorry, never used it, no books to hand, but have a grep for similar strings).
_________________
.sig: access denied |
|
| Back to top |
|
|
rtn
Guru
Joined: 15 Nov 2002
Posts: 427
|
| Posted: Thu Apr 03, 2003 9:29 pm Post subject: |
|
|
Forwarded X connections should be setting up and using the .Xauthority.
`xhost +` is inherantly insecure, and should be avoided.
--rtn |
|
| Back to top |
|
|
rajl
Apprentice
Joined: 25 Sep 2002
Posts: 287
|
| Posted: Fri Apr 04, 2003 4:39 pm Post subject: |
|
|
my problems magically went away all of a sudden. so I can't offer any advice there.
_________________
-Rajl
-----------------------------------------------------------
It's easy to be brave once you consider the alternatives. |
|
| Back to top |
|
|
The DJ
n00b
Joined: 06 Nov 2002
Posts: 74
|
| Posted: Fri May 02, 2003 2:08 pm Post subject: |
|
|
I have been experiencing this as well.
I'm positive i did everthing that is required again and again and again.
It used to work like a charm. since the upgrade to 4.3.0 however, it no longer works. If i type startx for instance, it always wants to open 0:0 on vt7, while it should open 10:0 (for the forwarding part) as the DISPLAY variable states.
it's really strange and the problem is still bothering me. |
|
| Back to top |
|
|
|
Networking & Security
