Date: Mon, 26 Jan 2009 17:39:42 -0800 From: sk89q <the.sk89q@gmail.com> To: Chuck Robey <chuckr@telenix.org> Cc: Peter Boosten <peter@boosten.org>, Bill Moran <wmoran@potentialtech.com>, freebsd-questions@freebsd.org Subject: Re: X11 forwarding through SSH: Can't open display Message-ID: <825770ac0901261739k19b6f65ap431db4a959a43262@mail.gmail.com> In-Reply-To: <497DF10C.9000601@telenix.org> References: <825770ac0901252109n14c9de4exec2fe3c1daed335b@mail.gmail.com> <497D51E6.2000904@boosten.org> <825770ac0901252217m74882871o543027b0e32b9eb8@mail.gmail.com> <20090126093242.863c59b0.wmoran@potentialtech.com> <825770ac0901260752s16655f49ue069d2166450d672@mail.gmail.com> <497DF10C.9000601@telenix.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 26, 2009 at 9:21 AM, Chuck Robey <chuckr@telenix.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > sk89q wrote: >> On Mon, Jan 26, 2009 at 6:32 AM, Bill Moran <wmoran@potentialtech.com> wrote: >>> In response to sk89q <the.sk89q@gmail.com>: >>> >>>> I meant sshd_config. >>> Do you have the xauth package installed on the remote server? You don't >>> need a full X install, but X11 forwarding won't work without xauth >>> installed. >> >> Yes, I do (at least to my knowledge), but xauth is located at >> "/usr/local/bin/xauth". sshd wasn't able to find xauth, so I made a >> hard link at "/usr/X11/bin/xauth" to "/usr/local/bin/xauth". That >> fixed a can't-find-xauth error, and that's where I am now. > > I think a far more likely thing might be being missed here. Usually when I'm > surprised when a new system refuses to allow me to remotely open X apps, it's > not the problem of ssh, it's because X11, by default, doesn't open up the port > 6000 IP socket to allow remotes to work. You can easily use netstat, to look > for open sockets 6xxx range, opened by your X server. If you can't find it, > then some part of your X installation is likely giving the -nolisten tcp > commands when starting up the X server. I don't know how you open your X, so I > couldn't directly tell you how to fix this. > > Being a bit more honest, the X server itself doesn't block the remote ports. > It's all of the startup tools (like startx) which stick in the anti-remote > prejudice. Giving the fact that it IS a security risk, I guess they're right, > it just means that if you want remote operation, you need to tell X (via > whatever startup method you use) to stop blocking the opening of that port 6000. Well, the good news is that it works now. The bad news is that I don't know why. I haven't made a change to anything (except change /etc/motd and restart sshd, which I had already previously done numerous times). Nothing else has been restarted. However, I can say that it was most likely an issue on the server, because now it works with PuTTY, ssh -X on Windows, and ssh -X on Ubuntu. Nevertheless, performance (over the Internet) is pretty bad... so I'll probably have to look into NX (even though the version of FreeNX in the ports system presently doesn't support amd64...). Thanks for everyone's help, sk89q
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?825770ac0901261739k19b6f65ap431db4a959a43262>