ssh -X (-Y) not working

Karl Pearson karlp at ourldsfamily.com
Wed Sep 24 01:36:32 UTC 2008 

On Tue, 23 Sep 2008, Rick Stevens wrote:

> Karl Pearson wrote:
>> On Tue, 23 Sep 2008, Bob McClure Jr wrote:
>> 
>>> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote:
>>>> I like remote managing my server using ssh -X or ssh -Y and then running
>>>> gui apps sometimes.
>>>> 
>>>> I've check workstation and server X11Forwarding yes and then restarted
>>>> sshd so don't know where else to go.
>>>> 
>>>> I've checked the logs and there's nothing about it. The error I get is:
>>>> 
>>>> [root at mail root]# system-config-printer
>>>> system-config-printer: could not open display
>>>> This is a graphical application and requires DISPLAY to be set.
>>>> 
>>>> or:
>>>> 
>>>> [karlp at mail ~/]$ xterm
>>>> xterm Xt error: Can't open display:
>>>> xterm: DISPLAY is not set
>>>> 
>>>> Of course, the obvious is to set $DISPLAY, which doesn't work either.
>>> 
>>> Well, no, it needs to be set by sshd.  If you "ssh -X host.onthe.net",
>>> when you get a shell prompt, you should be able to
>>> 
>>> $ echo $DISPLAY
>>> localhost:10.0
>> 
>> Nope, it's empty...
>> 
>>> 
>>> in the usual case.  Any problems should be evident in
>>> /var/log/messages or /var/log/secure.
>> 
>> Logging in works, and the logs show that, but there's nothing about 
>> forwarding anomalies. There is an entry about DNS lookup failed for my IP. 
>> Should I set secure forwarding on?
>> 
>>> 
>>> Check also your ~/.Xauthority file on the distant server.  Permissions
>>> should be something like mine:
>>> 
>>> -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority
>>> 
>>> You might try deleting it, then exit, and "ssh -X" in again.  It
>>> should mention something about creating it.
>> 
>> Deleted. And... not recreated on next ssh in... Hmmm?
>> 
>> 
>>> 
>>>> I've seen blogs, threads and other stuff all over the net and everything
>>>> says, enable X11Forwarding. I've done this for years and have never had
>>>> that not work. Using -X or -Y should even countermand that setting if 
>>>> it's
>>>> off, right?
>>>> 
>>>> Any ideas where to go next?
>
> On your ssh client, enter "echo $DISPLAY" and make sure it displays
> something to the effect ":0.0" (you ARE in an xterm, right?).  If it
> doesn't, then there's something wrong with your local X.  That's step
> one.  If you don't have $DISPLAY set locally, there's no way ssh can
> communicate that to the sshd server, regardless of using "-X" or "-Y".
>
> Next, check the remote machine's /etc/ssh/sshd_config and make sure that
> both "AllowTcpForwarding yes" and "X11Forwarding yes" are set (they're
> both set to "no" by default).  If you've changed either or both
> settings, do "service sshd restart" before you log off the remote
> machine to make the changes "take".
>
> Now, if the local "echo $DISPLAY" does display data, then "ssh -Y
> remotehost" should get you to the remote.  Once on there, do another
> "echo $DISPLAY" and it should show "localhost:10.0" or something very
> similar (the ":10" bit is set by the "X11DisplayOffset" value in the
> remote machine's /etc/ssh/sshd_config file and is 10 by default).  The
> "localhost" bit indicates that X is being tunneled through the ssh
> pipe.

Nope. no DISPLAY on the server, just the client (:0.0)

Something appears to have kept the DISPLAY being sent when the environment 
is sent.

>
> Example on my machines:
>
> [root at prophead ~]# echo $DISPLAY
> :0.0
> [root at prophead ~]# ssh bigdog
> Last login: Tue Sep 23 17:26:51 2008 from prophead.hci.com
> [root at bigdog ~]# echo $DISPLAY
>
> [root at bigdog ~]# exit
> logout
> Connection to bigdog closed.
> [root at prophead ~]# ssh -Y bigdog
> Last login: Tue Sep 23 17:30:31 2008 from prophead.hci.com
> [root at bigdog ~]# echo $DISPLAY
> localhost:10.0
> [root at bigdog ~]# exit
> logout
>
> Hope that helps!
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer                      ricks at nerd.com -
> - AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
> -                                                                    -
> -            We look for things.  Things that make us go!            -
> ----------------------------------------------------------------------
>
> _______________________________________________
> Redhat-install-list mailing list
> Redhat-install-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-install-list
> To Unsubscribe Go To ABOVE URL or send a message to:
> redhat-install-list-request at redhat.com
> Subject: unsubscribe
>

---
      _/  _/      _/      _/_/_/       ____________   __o
     _/ _/       _/      _/    _/     ____________  _-\\<._
    _/_/        _/      _/_/_/                     (_)/ (_)
   _/ _/       _/      _/           ......................
  _/   _/ arl _/_/_/  _/ earson    KarlP at ourldsfamily.com
---
http://consulting.ourldsfamily.com
---

More information about the Redhat-install-list mailing list