LM 17 Xfce OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
Despite googling everywhere, I cannot seem to get this to work. I keep getting this error.
$ xlogo
Error: Can't open display: localhost:10.0
I have tried both types of connections for forwarding x11 with debug and normal instance of sshd
ssh -Y remotehost -p 2500
ssh -X remotehost -p 2500
The server config permits x11 forwarding.
Testing with a new sshd instance in debug I see this when connecting. The only relevant part of debug I could tell:
debug1: channel 1: new [X11 inet listener]
debug1: channel 2: new [X11 inet listener]
DISPLAY is set
$ echo $DISPLAY
localhost:10.0
The user is a standard user with sudo access and I otherwise have no issue (everything is cli works fine.)
Additionally, I am not using Multiplexing connections &
I can use x11 forwarding when I connect to myself (ssh -X 127.0.0.1).
Using ssh -v while connecting does not give any more useful feedback when the error shows up.
If I missed anything I can try, let me know. I'm stumped.
edit:
$ netstat -l | grep 6010
tcp 0 0 ip6-localhost:6010 *:* LISTEN
tcp6 0 0 ip6-localhost:6010 [::]:* LISTEN
Also, I did ssh -X 127.0.0.1 on the server and it spit out this:
Warning: No xauth data; using fake authentication data for X11 forwarding.
xauth list. Is this private information I should be concerned about? Not really sure what I'm posting atm.
remotehostname/unix:14 MIT-MAGIC-COOKIE-1 70f068c8dd2431088bcxxxxxxxxx
remotehostname/unix:13 MIT-MAGIC-COOKIE-1 be500209ccb9fb769eexxxxxxxxx
remotehostname/unix:12 MIT-MAGIC-COOKIE-1 01fc30e4887501602ebxxxxxxxxx
remotehostname/unix:11 MIT-MAGIC-COOKIE-1 d04f849725f71070095xxxxxxxxx
remotehostname/unix:10 MIT-MAGIC-COOKIE-1 42e99c898ef9aa295b4xxxxxxxxx
I changed the /etc/hosts file to have localhost come first. Now I get a additional message. I also rebooted to see if that would assist.
127.0.0.1 localhost remotehostname localhost.localdomain
::1 localhost ip6-localhost ip6-loopback
X11 connection rejected because of wrong authentication.
Error: Can't open display: localhost:10.0
I removed my ~/.Xauthority file and am noticing that it is not being automatically created. I tested this on my raspberry pi & it gave me a warning and then created the ~/.Xauthority file. This behaviour does not happen on the remotehost. Permissions are fine to create it however.
Best Answer
Since
$DISPLAY
is correctly set and the~/.Xauthority
file is not created, this can mean that, though X11 forwarding is taken into account,xauth
is not run. One reason could be that it is not in the path (I had this problem under Mac OS X, but this would be strange under Linux). You may want to do the work yourself by creating a~/.ssh/rc
file. For instance, I have the following:where
~/.ssh/xauth.wrapper
is a wrapper toxauth
that implements the locking of the~/.Xauthority
file. But you can use justxauth
or the full pathname toxauth
just in case... This is much like what is described in the sshd(8) man page (see Section "SSHRC").Be careful not to do any mistake.