Ssh – Forwarding X11 not working – Error: Can’t open display: localhost:11.0

LM 17 Xfce OpenSSH_6.6.1p1 Ubuntu-2ubuntu2

Despite googling everywhere, I cannot seem to get this to work. I keep getting this error.

$ xlogo
Error: Can't open display: localhost:10.0

I have tried both types of connections for forwarding x11 with debug and normal instance of sshd

ssh -Y remotehost -p 2500  
ssh -X remotehost -p 2500

The server config permits x11 forwarding.
Testing with a new sshd instance in debug I see this when connecting. The only relevant part of debug I could tell:

debug1: channel 1: new [X11 inet listener]
debug1: channel 2: new [X11 inet listener]

DISPLAY is set

$ echo $DISPLAY
localhost:10.0

The user is a standard user with sudo access and I otherwise have no issue (everything is cli works fine.)

Additionally, I am not using Multiplexing connections &
I can use x11 forwarding when I connect to myself (ssh -X 127.0.0.1).
Using ssh -v while connecting does not give any more useful feedback when the error shows up.
If I missed anything I can try, let me know. I'm stumped.

edit:

$ netstat -l | grep 6010

tcp        0      0 ip6-localhost:6010      *:*                 LISTEN     
tcp6       0      0 ip6-localhost:6010      [::]:*              LISTEN

Also, I did ssh -X 127.0.0.1 on the server and it spit out this:

Warning: No xauth data; using fake authentication data for X11 forwarding.

xauth list. Is this private information I should be concerned about? Not really sure what I'm posting atm.

remotehostname/unix:14  MIT-MAGIC-COOKIE-1  70f068c8dd2431088bcxxxxxxxxx
remotehostname/unix:13  MIT-MAGIC-COOKIE-1  be500209ccb9fb769eexxxxxxxxx
remotehostname/unix:12  MIT-MAGIC-COOKIE-1  01fc30e4887501602ebxxxxxxxxx
remotehostname/unix:11  MIT-MAGIC-COOKIE-1  d04f849725f71070095xxxxxxxxx
remotehostname/unix:10  MIT-MAGIC-COOKIE-1  42e99c898ef9aa295b4xxxxxxxxx

I changed the /etc/hosts file to have localhost come first. Now I get a additional message. I also rebooted to see if that would assist.

127.0.0.1 localhost remotehostname localhost.localdomain
::1 localhost ip6-localhost ip6-loopback


X11 connection rejected because of wrong authentication.
Error: Can't open display: localhost:10.0

I removed my ~/.Xauthority file and am noticing that it is not being automatically created. I tested this on my raspberry pi & it gave me a warning and then created the ~/.Xauthority file. This behaviour does not happen on the remotehost. Permissions are fine to create it however.

Best Answer

Since $DISPLAY is correctly set and the ~/.Xauthority file is not created, this can mean that, though X11 forwarding is taken into account, xauth is not run. One reason could be that it is not in the path (I had this problem under Mac OS X, but this would be strange under Linux). You may want to do the work yourself by creating a ~/.ssh/rc file. For instance, I have the following:

if [ -n "$DISPLAY" ]; then
  echo "DISPLAY: $DISPLAY" >&2
  if read proto cookie; then
    if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
      echo add unix:`echo $DISPLAY | cut -c11-` $proto $cookie
    else
      echo add $DISPLAY $proto $cookie
    fi | $HOME/.ssh/xauth.wrapper -q -
  fi
fi

where ~/.ssh/xauth.wrapper is a wrapper to xauth that implements the locking of the ~/.Xauthority file. But you can use just xauth or the full pathname to xauth just in case... This is much like what is described in the sshd(8) man page (see Section "SSHRC").

Be careful not to do any mistake.

Best Answer

Related Solutions

Ssh – X client forwarded over SSH “cannot open display: localhost:11.0”

Where can I find the MIT-MAGIC-COOKIE in the user side

Related Question