[Wylug-help] X over ssh

Nigel Metheringham Nigel.Metheringham at dev.intechnology.co.uk
Tue Apr 25 10:53:14 BST 2006 

On Tue, 2006-04-25 at 10:30 +0100, Don Magee wrote:
> The DISPLAY variable isn't set. But on the machine that has full X 
> installed and works over ssh it is set to
> 
> localhost:10.0
> 
> 
> > 
> > This looks like you haven't got X forwarding enabled in ssh. I think that
> > this feature can be disabled in the /etc/ssh/sshd.conf file for the sshd
> > server. I think that it can be disabled on the client side also by a
> > system wide setting in /etc/ssh/ssh.conf
> 
> /etc/ssh/sshd_config has a line
> 
> X11Forwarding yes

Sounds like you haven't got xauth installed.  Make sure you have xauth
in a standard (path accessible) location, and that it runs OK.  Normal
place for xauth is
	/usr/bin/xauth

ssh sets up an xauth session when you log in with X forwarding.  If
xauth isn't there then this won't work.

You can can also see what you get if you use -v on the ssh command - you
*should* see something like

        > ssh -v -X otherbox
        OpenSSH_4.3p2, OpenSSL 0.9.8a 11 Oct 2005
        [... other stuff deleted ...]
        debug1: channel 0: new [client-session]
        debug1: Entering interactive session.
        debug1: Requesting X11 forwarding with authentication spoofing.
        debug1: Requesting authentication agent forwarding.

If there is no xauth you will also see
        debug1: Remote: No xauth program; cannot forward with spoofing.

Unfortunately ssh does not appear to tell you if the remote end declined
X forwarding - but if you don't see the xauth line, and still have
DISPLAY unset after ssh-ing in then thats what happened.  Make sure the
sshd was restarted after any config changes.

> I tried setting the DISPLAY variable manually but that didn't make any 
> difference.

That won't work.  If there is nothing listening....
You also need to make sure nothing on the remote box is tampering with
DISPLAY, but thats not a common setup now (whereas several years back a
few sets of login scripts used to "helpfully" fix DISPLAY.

	Nigel.

-- 
[ Nigel Metheringham           Nigel.Metheringham at InTechnology.co.uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]

More information about the Wylug-help mailing list