Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Xorg and X11 forwarding via ssh
On Wed, Jun 18, 2008 at 11:32:36PM -0600, cngo%nmsu.edu@localhost wrote:
> I did try to add
>
> > XAuthLocation /usr/pkg/bin/xauth
> > in /etc/ssh/sshd_config and /etc/ssh/ssh_config.
>
> but it doesn't help.
Let me guess.
You start the X Server manually and don't log in through xdm or similar?
In that case you do not have a X11 cookie. Please verify this with:
xauth list $DISPLAY
if you use xdm it should return a MIT-MAGIC-COOKIE or XDM-AUTHORIZATION key.
When there is no such key then X11 forwarding shows a warning with e.g.:
Warning: No xauth data; using fake authentication data for X11 forwarding.
and when starting an X program such as xlock you get:
Xlib: connection to "localhost:10.0" refused by server
Xlib: Invalid MIT-MAGIC-COOKIE-1 key
Error: Can't open display: localhost:10.0
That's because the server, by default, requires the correct key.
You can disable that requirement with 'xhost +localhost' or 'xhost +'
but then you allow anyone on the client or even the whole network
to control your X server.
For some environments this might be ok, but in general, you need to
use xdm or create a cookie manually with xauth.
Greetings,
--
Michael van Elst
Internet: mlelstv%serpens.de@localhost
"A potential Snark may lurk in every tree."
Home |
Main Index |
Thread Index |
Old Index