Re: x-forwarding with ssh
On Fri, 1 Mar 2002, Tom Cook wrote:
>> Currently when I try to run X apps via an ssh login I get the error message
>> xterm Xt error: Can't open display:
>desk.host: # xhost +remove.host.domain.com
>desk.host: # ssh -X remote.host.domain.com -l myaccount
>email@example.com's password: ********
>remote.host: # export DISPLAY=desk.host:0.0
>remote.host: # xterm &
This is wrong. You don't need to do anything with xhost _at_all_ on a
properly setup box. I will call xauth for you. If the DISPLAY variable is
not set, it is because the client/server is not setting it, and something
want to use it on the server side.
Make sure that you're client is asking for X-Forwarding. You can do this
manually using -X to enable it, or doing it in /etc/ssh/ssh_config. This
is best done on a server-by-server basis, since it can lessen your
security to allow all servers to interact with your X server is not a good
idea on untrusted hosts.
You also need to make sure that X Forwarding is set on the server, by
editing /etc/ssh/sshd_config, and setting these lines as so
Also note that if you're using private/public keys to authenticate, then
features such as X-Forwarding can be disabled for various keys.
To test it (if by now it doesn't work), start ssh with the -v flag. This
will print out verbose messages (debugging really, however, there is a
more detailed mode called debugging also). On the server, if you
'/etc/init.d/ssh stop' the server, then run the server as 'sshd -Dd', you
will get a one-time debugging run of the server. This will very likely
give you the information you need to solve the problem.
I suggest having a read of 'SSH: The Definitive Guide', published by
O'Rielly. I found it very enlightening reading.
Hope this helps.