On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files) and normally 'ssh -Y remote_host' from a terminal in an NX/freenx window that is acting as my desktop to start and any X program subsequently started would open in a new window via X-forwarding - at least when the target is a 5.x host. I don't do it often enough to remember if it ever worked when the remote side is 6.x, but today it is not setting the $DISPLAY variable, so I get: Error: Can't open display: Using -vv shows it at least trying to go through the motions:
debug2: x11_get_proto: /usr/bin/xauth list :1420.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY
But, $DISPLAY is not set to anything. What am I missing?
-- Les Mikesell lesmikesell@gmail.com
Les Mikesell wrote:
On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files) and normally 'ssh -Y remote_host' from a terminal in an NX/freenx window that is acting as my desktop to start and any X program subsequently started would open in a new window via X-forwarding - at least when the target is a 5.x host. I don't do it often enough to remember if it ever worked when the remote side is 6.x, but today it is not setting the $DISPLAY variable, so I get: Error: Can't open display: Using -vv shows it at least trying to go through the motions:
debug2: x11_get_proto: /usr/bin/xauth list :1420.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY
But, $DISPLAY is not set to anything. What am I missing?
Does your sshd_config allow x forwarding?
mark
I have to use -X in conjunction with -Y, so ssh -XY remote_host
____________________________________________ Adam Wead Systems and Digital Collections Librarian Rock and Roll Hall of Fame and Museum 216.515.1960 (t) 215.515.1964 (f)
On Tue, Jun 4, 2013 at 1:33 PM, m.roth@5-cent.us wrote:
Les Mikesell wrote:
On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files) and normally 'ssh -Y remote_host' from a terminal in an NX/freenx window that is acting as my desktop to start and any X program subsequently started would open in a new window via X-forwarding - at least when the target is a 5.x host. I don't do it often enough to remember if it ever worked when the remote side is 6.x, but today it is not setting the $DISPLAY variable, so I get: Error: Can't open display: Using -vv shows it at least trying to go through the motions:
debug2: x11_get_proto: /usr/bin/xauth list :1420.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY
But, $DISPLAY is not set to anything. What am I missing?
Does your sshd_config allow x forwarding?
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, Jun 4, 2013 at 12:44 PM, Adam Wead amsterdamos@gmail.com wrote:
I have to use -X in conjunction with -Y, so ssh -XY remote_host
No difference; ssh -Y user@centos_5_host 'echo $DISPLAY' returns localhost:11.0 ssh -XY user@centos_6_host 'echo $DISPLAY' returns nothing.
/etc/ssh/sshd_config is the default, with: X11Forwarding yes
I remember having a similar problem when the xauth program was missing on a box but this one has it installed.
-- Les Mikesell lesmikesell@gmail.com
On Tue, Jun 4, 2013 at 1:55 PM, Les Mikesell lesmikesell@gmail.com wrote:
On Tue, Jun 4, 2013 at 12:44 PM, Adam Wead amsterdamos@gmail.com wrote:
I have to use -X in conjunction with -Y, so ssh -XY remote_host
No difference; ssh -Y user@centos_5_host 'echo $DISPLAY' returns localhost:11.0 ssh -XY user@centos_6_host 'echo $DISPLAY' returns nothing.
/etc/ssh/sshd_config is the default, with: X11Forwarding yes
I remember having a similar problem when the xauth program was missing on a box but this one has it installed.
I'm a little lost as to wny you're using -XY; I'd expect either a -X or a -Y option; not both.
from the man page: -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file.
X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the userâs X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring.
For this reason, X11 forwarding is subjected to X11 SECURITY extension restrictions by default. Please refer to the ssh -Y option and the ForwardX11Trusted directive in ssh_config(5) for more information.
-x Disables X11 forwarding.
-Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls.
although in trying it myself, I get:
[z@ds ~]$ ssh -X z@mote Last login: Tue Jun 4 11:35:17 2013 from deathstar [z@mote ~]$ echo $DISPLAY localhost:10.0 [z@mote ~]$ logout Connection to mote closed. [z@ds ~]$ ssh -Y z@mote Last login: Tue Jun 4 14:15:04 2013 from deathstar [z@mote ~]$ echo $DISPLAY localhost:10.0 [z@mote ~]$ logout Connection to mote closed. [z@ds ~]$ ssh -XY z@mote Last login: Tue Jun 4 14:15:19 2013 from deathstar [z@mote ~]$ echo $DISPLAY localhost:10.0 [z@mote ~]$ cat /etc/redhat-release CentOS release 6.4 (Final)
do you get error messages if you run xauth by hand?
[zep@mote ~]$ xauth Using authority file /home/zep/.Xauthority xauth> ? Commands: add exit extract help info list merge nextract nlist nmerge quit remove source ? generate xauth> list .... xauth> info Authority file: /home/zep/.Xauthority File new: no File locked: no Number of entries: 4 Changes honored: yes Changes made: no Current input: (stdin):3
-- Even the Magic 8 ball has an opinion on email clients: Outlook not so good.
On Tue, Jun 4, 2013 at 1:22 PM, zGreenfelder zgreenfelder@gmail.com wrote:
I'm a little lost as to wny you're using -XY; I'd expect either a -X or a -Y option; not both.
Mostly because neither worked separately either.
-Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls.
And I don't have any idea what that means.... So I usually just use -Y.
do you get error messages if you run xauth by hand?
No, but now I see X-forwarding does work with other 6.x targets so it must be something else missing on this host.
-- Les Mikesell lesmikesell@gmail.com
On Tue, 4 Jun 2013, Les Mikesell wrote:
On Tue, Jun 4, 2013 at 12:44 PM, Adam Wead amsterdamos@gmail.com wrote:
I have to use -X in conjunction with -Y, so ssh -XY remote_host
No difference; ssh -Y user@centos_5_host 'echo $DISPLAY' returns localhost:11.0 ssh -XY user@centos_6_host 'echo $DISPLAY' returns nothing.
/etc/ssh/sshd_config is the default, with: X11Forwarding yes
I remember having a similar problem when the xauth program was missing on a box but this one has it installed.
Do you by chance have ipv6 disabled? If so try adding the following to /etc/ssh/sshd_config and restart sshd:
AddressFamily inet
Hope this helps.
Regards,
On Wed, Jun 5, 2013 at 5:19 AM, me@tdiehl.org wrote:
On Tue, 4 Jun 2013, Les Mikesell wrote:
On Tue, Jun 4, 2013 at 12:44 PM, Adam Wead amsterdamos@gmail.com wrote:
I have to use -X in conjunction with -Y, so ssh -XY remote_host
No difference; ssh -Y user@centos_5_host 'echo $DISPLAY' returns localhost:11.0 ssh -XY user@centos_6_host 'echo $DISPLAY' returns nothing.
/etc/ssh/sshd_config is the default, with: X11Forwarding yes
I remember having a similar problem when the xauth program was missing on a box but this one has it installed.
Do you by chance have ipv6 disabled? If so try adding the following to /etc/ssh/sshd_config and restart sshd:
AddressFamily inet
Bingo - Thank you! This particular box had some performance issues with OpenNMS and I had disabled ipv6 among other things while trying to tune it. Seems odd that everything else still worked in ssh without that change, though.
-- Les Mikesell@gmail.com
On Jun 4, 2013 11:31 AM, "Les Mikesell" lesmikesell@gmail.com wrote:
On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files) and normally 'ssh -Y remote_host' from a terminal in an NX/freenx window that is acting as my desktop to start and any X program subsequently started would open in a new window via X-forwarding - at least when the target is a 5.x host. I don't do it often enough to remember if it ever worked when the remote side is 6.x, but today it is not setting the $DISPLAY variable, so I get: Error: Can't open display: Using -vv shows it at least trying to go through the motions:
debug2: x11_get_proto: /usr/bin/xauth list :1420.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY
But, $DISPLAY is not set to anything. What am I missing?
-- Les Mikesell
Why not use git? You can branch to work on changes, use meld as 'git difftool' (or merge, or cherry-pick) to communicate changes, and push changes from your 'production' branch to your 'production' repo. You get to work with the same tools, and gain a solid development, testing and deployment solution in the process.
--Pete
On Tue, Jun 4, 2013 at 3:09 PM, Pete Travis lists@petetravis.com wrote:
On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files)
Why not use git? You can branch to work on changes, use meld as 'git difftool' (or merge, or cherry-pick) to communicate changes, and push changes from your 'production' branch to your 'production' repo. You get to work with the same tools, and gain a solid development, testing and deployment solution in the process.
The scenario that usually triggers it is when I update a package with a complex configuration like OpenNMS and end up with .rpmnew instances for the files that have local changes. In this case I don't care about versioning, I just want to be able to see the lines I changed in context with the new file and merge them unless the update has some conflicting differences. Meld by itself handles that pretty well. And git is a little too weird for me - when I am doing version control I want a central authority.
-- Les Mikesell lesmikesell@gmail.com
On 04.06.2013 19:31, Les Mikesell wrote:
On rare occasions I want to run a remote X command (like 'meld' to interactively merge changes in files) and normally 'ssh -Y remote_host' from a terminal in an NX/freenx window that is acting as my desktop to start and any X program subsequently started would open in a new window via X-forwarding - at least when the target is a 5.x host. I don't do it often enough to remember if it ever worked when the remote side is 6.x, but today it is not setting the $DISPLAY variable, so I get: Error: Can't open display: Using -vv shows it at least trying to go through the motions:
debug2: x11_get_proto: /usr/bin/xauth list :1420.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug2: channel 0: request env confirm 0 debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY
But, $DISPLAY is not set to anything. What am I missing?
Do you have the xorg-x11-xauth package installed on the remote system you ssh into?
Regards, Dennis
-
Adam Wead -
Dennis Jacobfeuerborn -
Les Mikesell -
m.roth@5-cent.us -
me@tdiehl.org -
Pete Travis -
zGreenfelder