RE: How to configure X server for remote login with gdm
On Sat, 30 Jun 2001 17:59:30 +0200, Daniel Lutz wrote:
>
> Hello
>
> I'm trying to start an X server so that it gets its login screen
> from a remote machine running gdm. But I haven't yet managed to
> make it work.
>
> The following machines are used:
> asterix (192.168.1.1), Debian GNU/Linux unstable, gdm
> obelix (192.168.1.2), Debian GNU/Linux potato, X server
>
> On asterix, I have the whole X system up and running, including
> gdm. I have configured gdm to allow remote XDMCP requests.
>
> On obelix, I have installed a potato including a minimal X system
> (only X server with minimal set of client applications).
>
> When I run `X -broadcast' on obelix (as root), I get the following
> messages:
>
> [usual X server messages]
>
> AUDIT: Sat Jun 30 17:38:22 2001: 5127 X: client 1 rejected from IP 192.168.1.1 port 34472
> AUDIT: Sat Jun 30 17:38:22 2001: 5127 X: client 1 rejected from IP 192.168.1.1 port 34473
> AUDIT: Sat Jun 30 17:38:24 2001: 5127 X: client 1 rejected from IP 192.168.1.1 port 34474
>
> On asterix, the file /var/log/gdm/obelix.watz.ch\:0.log contains the following:
>
> Xlib: connection to "obelix.watz.ch:0.0" refused by server
> Xlib: Client is not authorized to connect to Server
> Xlib: connection to "obelix.watz.ch:0.0" refused by server
> Xlib: Client is not authorized to connect to Server
> Xlib: connection to "obelix.watz.ch:0.0" refused by server
> Xlib: Client is not authorized to connect to Server
>
> I think these 6 lines correspond directly to the 3 message of the X server on obelix.
>
> I assume that gdm accepts the connection, but it can't show the login window because
> the X server on obelix doesn't allow it.
>
> On connection of the X server on asterix, gdm creates the following file:
> /var/lib/gdm/obelix.watz.ch:0.Xauth
>
> I have also tried xdm instead of gdm, but it hasn't worked, neither.
>
> On the other hand, when I start the X server on obelix with `X -ac -broadcast', all
> works fine, I get the login screen and can log in.
>
> The man page Xserver(1) says:
>
> -ac disables host-based access control mechanisms.
> Enables access by any host, and permits any host
> to modify the access control list. Use with
> extreme caution. This option exists primarily for
> running test suites remotely.
>
> But I prefer using the default authorization mechanisms.
>
> Does anybody know how I need to start or configure the X server on obelix
> so that gdm on asterix is allowed tho show its login window?
>
> Thanks for all hints.
>
> Daniel
Daniel,
I have been fooling around with XDMCP for some time and finally got GDM
to work for me a couple of nights ago. First of all, the "problem"
comes in with the jump from XFree86 3.6 to XFree86 4.X. In the 4.x
series it defaults to NOT listening on any TCP ports for security
reasons. If you do a regular Debian install, you will see a message to
this effect during the install. It is rather inoccuous, and easily
overlooked. I am running XFree86 version 4.0.3 on a Progeny-Debian
install here. Here is what I did to get it going:
1. Edit the /etc/X11/xinit/xserverrc file and remove the "...-nolisten
tcp..." option. This keeps the xserver from listening on any tcp
ports. Removing it allows it to listen for external requests.
2. Make the appropriate changes in /etc/gdm/gdm.conf file in the
[XDMCP] section, i.e. "Enable=1" and "HonorIndirect=1".
Restart GDM after these changes and it "should" be ready to go. The
above changes are for the XFree86 4.X series only. I didn't have to do
step 1 on the 3.6 version. Also, I havn't been able to get the
"chooser" option going in GDM yet, but then I really don't have a need
for it here.
HTH,
-Don Spoon-
Reply to: