Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
SSH X Forwarding
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo on PPC
View previous topic :: View next topic  
Author Message
thatguyiam
n00b
n00b


Joined: 17 Nov 2004
Posts: 23

PostPosted: Sun Jan 23, 2005 11:57 pm    Post subject: SSH X Forwarding Reply with quote

This is a rather broad question, so this may not be the best forum to ask it in, but if figure if anyone would know it might be Gentoo users who are familiar with OS X.

Basically, I'm trying to set up my Gentoo box for ssh and X forwarding. The client is a laptop running OS X Panther.

On the Gentoo server, I have ssh configured and running, and X11 configured and running (when a keyboard and monitor are attached to the local machine). On the OSX laptop, I have X11 installed and working, and I can connect to my Gentoo server via SSH both in the regular mac "Terminal" and with xterm running via X11. Here's my configs:

/etc/ssh_config on the client OSX machine:
Code:

#       $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $
# Site-wide defaults for various options

 Host *
#   ForwardAgent no
   ForwardX11 yes
#   RhostsAuthentication no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~


/etc/ssh/sshd_config for the Gentoo server:
Code:

Port 15243
Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
UsePAM yes
X11Forwarding yes
PrintMotd yes
(Thank God for sed and grep!)

And finally, here's the output of xterm, running under X11 on OSX, trying to open a GUI program via SSH:
Code:

osxlaptop:~ tom$ ssh -X -p15243 tom@---.homelinux.org
Password:
Last login: Sun Jan 23 13:32:56 2005 from osxlaptop.school.edu
tom@gentoobox tom $ nmapfe

Gtk-WARNING **: cannot open display: osxlaptop.school.edu:0.0
tom@gentoobox tom $

After typing in a command for a graphical program (like firefox, or in this example nmapfe), the shell hangs for a while (not frozen, but like it's waiting for something to happen), and eventually spits out the 'cannot open display' message.

I've been searching the internet for a while for a solution, but most OSX/X11 documentation is how to install it (click download, double click icon, drool) and what little documentation on this specific subject I can find points to me doing everything right. There's got to be some obvious step I'm missing, some X11 config file or something, either on the gentoo server or osx laptop. Any ideas?
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Mon Jan 24, 2005 12:12 am    Post subject: Reply with quote

Terminology note: If the X program is being executed on the Gentoo box, and the OS X box is displaying it, then in X11 parlance the Gentoo box is the client, while the OS X box displaying it is the server.

Confusing at first, I know.

Are you following this guide? (just curious, as I saw it on /. recently)
Back to top
View user's profile Send private message
thatguyiam
n00b
n00b


Joined: 17 Nov 2004
Posts: 23

PostPosted: Mon Jan 24, 2005 12:47 am    Post subject: Reply with quote

Heh, yes, the terminology is still confusing for me to write, given the term X server, and the server-client model, and both computers having their own X server to serve X to the localhost and so on. But to clarify, the computer running Gentoo has no monitor, keyboard, or mouse input, so the human user is sitting in front of the OS X laptop, trying to run a graphical program that is located on the gentoo computer.

Anyhow, I read that link that freeix posted, and there was one thing that I changed. If I turn off the firewall on the OSX laptop while trying to run an X program via SSH, I get this response instantly:
Code:
tom@solace tom $ nmapfe
Xlib: connection to "osxlaptop.school.edu:0.0" refused by server
Xlib: No protocol specified


Gtk-WARNING **: cannot open display: osxlaptop.school.edu:0.0
tom@solace tom $ gaim
Xlib: connection to "osxlaptop.school.edu:0.0" refused by server
Xlib: No protocol specified


(gaim:7199): Gdk-CRITICAL **: file gdkdisplay-x11.c: line 362 (gdk_display_get_name): assertion `GDK_IS_DISPLAY (display)' failed

** (gaim:7199): WARNING **: cannot open display: unset


I added the output of GAIM as well since it was different than some of the others.

Otherwise, everything they've mentioned I've done. Granted that link expected both computers to be running OSX, but the 'X11Forwarding yes' is set on both computers.

From what I can see, disableing the firewall (I'll have to properly configure it later) on the OSX laptop helped speed things along, but there's still some config file or something that needs to be different. From the looks of it, the gentoo box is trying to send information back to the OSX laptop, but the laptop is refusing it, or doesn't understand it, or otherwise isn't propery processing the information. I'm not really fluent with a lot of the X11 stuff, I understand conceptually how it works (mostly), but this one has be stumped. I'm thinking I need to specify which display the program needs to be displayed in?
Back to top
View user's profile Send private message
thatguyiam
n00b
n00b


Joined: 17 Nov 2004
Posts: 23

PostPosted: Mon Jan 24, 2005 12:58 am    Post subject: Reply with quote

Some google-ing reveals there might be something wrong with my .Xauthority file. I found a different forum post with someone with the exact problem, only when he fixed it he just said he was a moron for not figuring it out earlier. Further google-ing suggests I delete the .Xauthority files from the computers. I did that and retried with no success.
Back to top
View user's profile Send private message
thatguyiam
n00b
n00b


Joined: 17 Nov 2004
Posts: 23

PostPosted: Mon Jan 24, 2005 1:13 am    Post subject: Reply with quote

Some more potentially useful information for anyone still interested and knows how to help me:

On the gentoo box (who's name is solace):
Code:

tom@solace tom $ xauth list
solace/unix:10  MIT-MAGIC-COOKIE-1  589870f5efcbd6c55747d7d49f84db14
tom@solace tom $ echo $DISPLAY
osxlaptop.school.edu:0.0


On the osxlaptop:
Code:

osxlaptop:~ tom$ xauth list
xauth:  creating new authority file /Users/tom/.Xauthority
osxlaptop:~ tom$ echo $DISPLAY
:0.0


I found that information via: http://hacks.oreilly.com/pub/h/1509

Also, I found this thread: https://forums.gentoo.org/viewtopic.php?p=1823616

Which seems to be the same problem, except it's between two linux servers, and the file /etc/security/pam_env.conf doesn't exist on the OSX laptop, and is set correctly on the gentoo box. Also, someone else documented 'rm ~/.Xauthority' as fixing their problem, but it hasn't done mine. I'm so confused :|
Back to top
View user's profile Send private message
thatguyiam
n00b
n00b


Joined: 17 Nov 2004
Posts: 23

PostPosted: Mon Jan 24, 2005 2:20 am    Post subject: Reply with quote

It appears I have automagically fixed it. I commented out the three things in /etc/security/pam_env.conf, rm'ed all the Xauthority files. It still gave errors, but then I rebooted the gentoo box and it works now.
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Mon Jan 24, 2005 2:28 am    Post subject: Reply with quote

Had you restarted sshd after changing pam_env and perhaps even the .Xauthority files? Just a thought.
Back to top
View user's profile Send private message
toojays
Apprentice
Apprentice


Joined: 21 Jul 2002
Posts: 150
Location: Adelaide, Australia

PostPosted: Mon Jan 24, 2005 8:48 am    Post subject: Reply with quote

The easiest fix for this is to disable PAM in sshd_config. Aparently the OpenSSH people have it off by default, but the Gentoo devs turn it on for Gentoo; I guess they don't care that it's broken.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo on PPC All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum