Re: ssh + X11
Arnt Karlsen said:
> On Thu, 18 Sep 2003 14:16:59 +0100,
> Colin Watson <cjwatson@debian.org> wrote in message
> <[🔎] 20030918131659.GB24193@riva.ucam.org>:
>
>> On Thu, Sep 18, 2003 at 03:06:54PM +0200, Arnt Karlsen wrote:
>> > On Thu, 18 Sep 2003 11:42:32 +0100,
>> > Colin Watson <cjwatson@debian.org> wrote in message
>> > <[🔎] 20030918104232.GB23033@riva.ucam.org>:
>> > > On Thu, Sep 18, 2003 at 12:20:37PM +0200, Arnt Karlsen wrote:
>> > > > ..."=yes", and it can be overridden with -X, is how it works
>> > > > here. ;-)
>> > >
>> > > If the server has 'X11Forwarding no', which is the default, then
>> > > nothing you do to the client, -X or no -X, will let you forward
>> > > X11 traffic. You need to configure the server with 'X11Forwarding
>> > > yes'.
>> >
>> > ..then something is wrong here, because I ssh -X all I like from my
>> > X11Forwarding=no boxes. ;-)
>>
>> *From* your 'X11Forwarding no' boxes? The client makes no difference,
>> it's the sshd_config on the server, the box you're connecting *to*,
>> that matters.
>
> ..yep, I own all but 2 boxes in my lab, and have root access
> on all, and I see no X11Forwarding here.
no X11Forwarding as in the line isn't in the file, or as in:
X11Forwarding no
>
>> Also, you'd only notice a problem when you tried to open an X client
>> over the ssh connection.
>
> ..yeah, I was half way back to RH before I picked up the "-X"
> here in DU, does not neccesarily mean I got it right, though.
>
Wow, something must be wrong
..unless
you're not looking at /etc/ssh/sshd_config, but instead looking at
/etc/ssh/ssh_config and mixing X11Forwarding up with ForwardX11. I doubt
that, but it's the only non-code-issue I could think of short of some
non-standard /etc/init.d/ssh file with say "ssh -o 'X11Forwarding yes'".
If the X11Forwarding line isn't even in the file, then maybe sshd has been
recompiled with X11Forwarding as the default? (Woody defaults to 'no' as
far as I can tell)
(Sorry, I just had to use '..' ;) )
When I set /etc/ssh/sshd_config
X11Forwarding no
and restart the sshd service, the next time I connect with ssh -X (or
without that and ~/.ssh/config ForwardX11=yes or that set in the
/etc/ssh/ssh_config) I see that $DISPLAY isn't set. xclock of course says
"Error: Can't open display". I set $DISPLAY to localhost:10.0 (the first
offset set in my sshd_config file and no one else is sshing to the
machine) and xclock says "Error: Can't open display: localhost:10.0". I
change the setting back to X11Forwarding yes, restart sshd. Disconnect,
reconnect with forwarding requested by my client ssh session and $DISPLAY
is auto-set to localhost:10.0 and xclock works.
This is ssh'ing to a (OpenBSD Secure Shell server) Debian stable 'Woody'
system with the ssh 3.4p1-1.woody.2 update. It worked this way before the
update as well. I don't have a 'Sid' system nearby to test on.
--
Jacob
Trying out SquirrelMail
Reply to: