LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-18-2013, 03:06 AM   #1
unclesamcrazy
Member
 
Registered: May 2013
Posts: 189

Rep: Reputation: 1
open the display of the server on my system


I want to open server's display on my system without using -X with ssh.
I want to log into server using ssh 192.168.xx.xx, now I try to open the server's display on my system. It says "can not open".
What display variable should I export on the server's command line?

I have run on the server
# export DISPLAY="localhost=10.0"
but it still does not open the display of server on my system.

Is ssh -X is the only method to see display of remote host?
 
Old 07-18-2013, 08:50 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,504

Rep: Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992
Quote:
Originally Posted by unclesamcrazy View Post
I want to open server's display on my system without using -X with ssh. I want to log into server using ssh 192.168.xx.xx, now I try to open the server's display on my system. It says "can not open". What display variable should I export on the server's command line?

I have run on the server
# export DISPLAY="localhost=10.0"
but it still does not open the display of server on my system.
Right...why would it? You have set the X display on the remote server, to be ON that server, not on your workstation. When you log in to the remote server, "localhost" references the system you're ON.
Quote:
Is ssh -X is the only method to see display of remote host?
Similar to your other thread about the same topic:
http://www.linuxquestions.org/questi...ot-4175468584/

Please read the last post in there, and this has also been covered MANY times on this site. Again, the steps are:
  1. Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
  2. On your local workstation, type in "xhost +" (a bit insecure), or "xhost <ip address of remote server>" (better)
  3. SSH to your remote server
  4. Type in "export DISPLAY=<ip address of LOCAL workstation>:0"
  5. Run X application
 
Old 07-18-2013, 09:45 AM   #3
unclesamcrazy
Member
 
Registered: May 2013
Posts: 189

Original Poster
Rep: Reputation: 1
Thanks for your prompt reply.
The problem of previous thread is solved because they have taken my machine, that's why I didn't reply on the thread. but now, the machine is new, the set up is new, everything is new so the problem is new.

I can log into the remote server using ssh -X IP-of-the-remote-machine and I am able to open remote machine's display on my system.

But if I log into remote machine using ssh IP-of-the-remote-machine, now if I try to open display it says, can't open display.
It is fine because display variable is not set becaue I haven't used -X with ssh but now I try to set display variable on remote machine using command line, it still says "can not open display"
I ran following command on the remote host machine's command prompt.
Quote:
# export DISPLAY="localhost:10.0"
now if I run
Quote:
echo $DISPLAY
it says
Quote:
localhost:10.0
It is the same output which is shown when I run echo $DISPLAY after logging in using ssh -X
then why does it not open the display?

If I log in using
Quote:
ssh IP-of-remote-machine
and run
Quote:
echo $DISPLAY
it shows blank out put, it is fine because display variable is not set so I set them manually using command line by using this comamnd
Quote:
# export DISPLAY="localhost:10.0"
Then it doesn't open the display.

I have set the display variable on my system too using
Quote:
# export DISPLAY=":0.0"
When I run
Quote:
echo $DISPLAY
it shows
Quote:
:0.0
it is the same output which is appeared when I open the display of remote host on my system using ssh -X.

Last edited by unclesamcrazy; 07-18-2013 at 09:50 AM.
 
Old 07-18-2013, 09:53 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,504

Rep: Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992
Quote:
Originally Posted by unclesamcrazy View Post
Thanks for your prompt reply.
The problem of previous thread is solved because they have taken my machine, that's why I didn't reply on the thread. but now, the machine is new, the set up is new, everything is new so the problem is new.

I can log into the remote server using ssh -X IP-of-the-remote-machine and I am able to open remote machine's display on my system.
...which is what you should be doing, so if it works, then continue.
Quote:
But if I log into remote machine using ssh IP-of-the-remote-machine, now if I try to open display it says, can't open display.
It is fine because display variable is not set becaue I haven't used -X with ssh but now I try to set display variable on remote machine using command line, it still says "can not open display" I ran following command on the remote host machine's command prompt.
...and see my previous post, which explains how to do it without the "-x" parameter, which is what you asked. Those are detailed steps...can't tell you more than that.
 
Old 07-18-2013, 11:05 AM   #5
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,661

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
Look at the ssh configuration file (on my system, /etc/ssh/ssh_config). There is an option (usually commented out) "# ForwardX11 no". This shows the default configuration compiled in so change the "no" to "yes" and uncomment.

After that, the -X option is the default.

Note: for it to work, the server must also allow X

Last edited by jpollard; 07-18-2013 at 11:11 AM.
 
Old 07-18-2013, 11:47 AM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,661

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
A bit more. If all else fails, you can try putting "ForwardX11 yes" in ~.ssh/config (and be sure to remove write access from group/world).
 
Old 07-19-2013, 06:25 AM   #7
unclesamcrazy
Member
 
Registered: May 2013
Posts: 189

Original Poster
Rep: Reputation: 1
Thanks TB0ne for your reply as well as jpollard too.
the five steps you mentioned in my last thread looking perfect but may be I am doing any silly mistake, I am facing same problem if I don't use -X with ssh.
The obvious question is why I don't want to use -X when ssh gives us the facility. Actually I want to understand the mechanism behind ssh and X11.
I learned these links, but I couldn't understand about export display variable.
http://en.wikipedia.org/wiki/X_Window_System
it says
Quote:
To use an X client application on a remote machine, the user does the following:
request local display/input service (e.g., export DISPLAY=[user's machine]:0 if not using SSH with X forwarding or 'tunneling' enabled).
I think you said the same thing in your previous thread
Quote:
A short version of things, some of which you seem to have done already:

Log in to your local workstation as your regular user ID.
Run "xhost +" or "xhost <ip address of remote server>".
SSH to the remote server as your regular user ID.
Assuming you're using BASH, run "export DISPLAY=<ip address of your local workstation>:0"
Run "sudo <command name of whatever X application you want to run>".
I think your fourth step is same as wikipedia's suggestion but it is not working me If I try to log in without using -X with ssh.
I have followed these steps.
1)I open my system, I am using ubuntu 12.10. I log in as user. My IP is 192.168.1.10
2) I run following command on my terminal.
Quote:
$ xhost +
it says
Quote:
access control disabled, clients can connect from any host
or if I run
Quote:
$ xhost 192.168.1.20
it says
Quote:
192.168.1.20 being added to access control list
3) Now I open the terminal and log into server as a user. Server is CentOS-6.3 and it's IP is 192.168.1.20
$ ssh user@192.168.1.20
4) Now I reach on server's user's command prompt. I run following command on server's command prompt
Quote:
$ export DISPLAY=192.168.1.10:0
It says nothing,it shows the prompt again. if I run
Quote:
echo $DISPLAY
it says
Quote:
192.168.1.10:0
Now I try to open server's display on my system using
Quote:
$ sudo gnome-session-properties
It says
Quote:
** (gnome-session-properties:27545): WARNING **: Unable to start: Cannot open display:
If I try to open gedit using
Quote:
$ sudo gedit
it says
Quote:
(gedit:27615): Gtk-WARNING **: cannot open display: 192.168.1.10:0
I don't know where am I wrong.
I just do not want to do this task otherwise I can do it using ssh -X. I want to learn it, how it can be done.
I have read enough theories during my college but they are incomplete without practicals. I got 81 out of 100 in my Linux Admin theory paper but what is the use of this if I can't export a simple display variable.
I have a chance to do practicals now. I don't want to be GURU or VETERAN here but at least I should do this simple jobs by my own. They look very easy if you write 2 or 3 pages about them and get 15 or 16 out of 20 but challenges are here in front of monitor. that's why I am asking these silly questions.
Thanks for your precious time and help.

Last edited by unclesamcrazy; 07-19-2013 at 06:28 AM.
 
Old 07-19-2013, 09:12 AM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,504

Rep: Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992
Quote:
Originally Posted by unclesamcrazy View Post
Thanks TB0ne for your reply as well as jpollard too.
the five steps you mentioned in my last thread looking perfect but may be I am doing any silly mistake, I am facing same problem if I don't use -X with ssh.
The obvious question is why I don't want to use -X when ssh gives us the facility. Actually I want to understand the mechanism behind ssh and X11.
I learned these links, but I couldn't understand about export display variable.
http://en.wikipedia.org/wiki/X_Window_System
it says

I think you said the same thing in your previous thread

I think your fourth step is same as wikipedia's suggestion but it is not working me If I try to log in without using -X with ssh.
I have followed these steps.
1)I open my system, I am using ubuntu 12.10. I log in as user. My IP is 192.168.1.10
2) I run following command on my terminal.
Code:
xhost +
it says
Code:
access control disabled, clients can connect from any host
or if I run
Code:
$ xhost 192.168.1.20
it says
Code:
192.168.1.20 being added to access control list
3) Now I open the terminal and log into server as a user. Server is CentOS-6.3 and it's IP is 192.168.1.20
$ ssh user@192.168.1.20
4) Now I reach on server's user's command prompt. I run following command on server's command prompt
Code:
$ export DISPLAY=192.168.1.10:0
It says nothing,it shows the prompt again. if I run
Code:
echo $DISPLAY
it says
Code:
192.168.1.10:0
Now I try to open server's display on my system using
Code:
$ sudo gnome-session-properties
It says
Code:
** (gnome-session-properties:27545): WARNING **: Unable to start: Cannot open display:
If I try to open gedit using
Code:
$ sudo gedit
it says
Code:
(gedit:27615): Gtk-WARNING **: cannot open display: 192.168.1.10:0
I don't know where am I wrong.
I just do not want to do this task otherwise I can do it using ssh -X. I want to learn it, how it can be done.
I have read enough theories during my college but they are incomplete without practicals. I got 81 out of 100 in my Linux Admin theory paper but what is the use of this if I can't export a simple display variable.
I have a chance to do practicals now. I don't want to be GURU or VETERAN here but at least I should do this simple jobs by my own. They look very easy if you write 2 or 3 pages about them and get 15 or 16 out of 20 but challenges are here in front of monitor. that's why I am asking these silly questions.
Thanks for your precious time and help.
Ok....go back to the VERY FIRST STEP, posted here again:
  1. Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
    Did you do that?
 
1 members found this post helpful.
Old 07-19-2013, 09:51 AM   #9
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,661

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
ssh forwards X connections, providing an encryption connection to the X server.

Using xhost, in any form, weakens the security of the server by essentially, disabling it.

What sshd does (when forwarding) is to open a second port (6000+offset, where 6000 is the default X TCP port). This second port receives any X connection when the DISPLAY environment variable is set to localhostffset. The "localhost" allows sshd to handle the network connection.

In addition to this, sshd is given an unprivileged access key which it saves in the Xauthority file associated with the "localhostffset" entry. Any TCP connection to the defined X socket is encrypted, tagged as a X data packet (along with a connection id), and forwarded over the ssh tcp connection. The ssh client receives the packet, and then opens a socket to the users X server (if it is an unidentified connection id). This socket is associated (in a table) with the connection established with the sshd connection so that future packets received from the X server will go the correct socket connection established on the sshd side so that the decrypted data can be returned to the application. Decrypted data for already open sockets are then routed to the appropriate place based on the connection id, thus providing a two-way communication between the users local X server, and the remote X application.

In addition to the encryption, ssh provides some data compression as well. Due to the nature of TCP X connections, multiple data packets can be received, packaged together, compressed, encrypted, and passed on. In some/many instances, ssh forwarded X is faster than nearly all connections. Only live video seems to have a bit of a problem.

I think that slowdown is due to the inability to make use of the shared memory connection to the X server. The other limitation is that some applications bypass the X protocol entirely by obtaining a direct connection to the video interface - this can cause some issues (moving a video display around sometimes doesn't quite keep up with the X servers idea of where the window is).
 
1 members found this post helpful.
Old 07-20-2013, 02:24 AM   #10
unclesamcrazy
Member
 
Registered: May 2013
Posts: 189

Original Poster
Rep: Reputation: 1
Thanks TB0ne
I will try this on monday and reply here since saturday sunday is off for me and there is no home network in my home. As long as my office will not know about this, i will try to learn as many functionalities.
Thanks again.

Thanks jpollard
thanks for explanation. Last para was little tough for me whete you explained why live videos are slow and decrypted data and open socket part but if i want to learn i will have to understand this difficult concept too.

As soon as i reach to my system, i will start exploring again.
Thanks
 
Old 07-22-2013, 02:42 AM   #11
unclesamcrazy
Member
 
Registered: May 2013
Posts: 189

Original Poster
Rep: Reputation: 1
Today I have tried your solution and yes there is nolisten on my system, if I run following command
Quote:
$ ps -ef | grep nolisten
It shows
Quote:
root 5273 873 2 12:58 tty7 00:00:13 /usr/bin/X :1 -core -auth /var/run/lightdm/root/:1 -nolisten tcp vt7 -novtswitch
If I run same command on server
$ ps -ef | grep nolisten
It shows
Quote:
root 2686 2678 0 Apr04 tty1 09:38:13 /usr/bin/Xorg :0 -nr -verbose -audit 4 -auth /var/run/gdm/auth-for-gdm-t7Kcj7/database -nolisten tcp vt1
I tries to remove it from my system, but it doesn't go.
I tried to kill the process. I tried to reboot it. Restart xserver.
But it is still there.
I am using ubuntu 12.10 and server is CentOS 6.3.
 
Old 07-22-2013, 06:30 AM   #12
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,661

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
If you kill that process, xdm/kdm/whichever display manager will restart it. And, as Tbone said "How you fix this depends on your version/distro of Linux."


Running such an open X server is an invitation to failed security. That is WHY it is disabled. The X access keys, if any, are passed unencrypted. If no access keys, then ANYONE from the host (assuming using xhost +hostname) or ANYONE from ANYWHERE (using xhost +) can access your system, read your keystrokes, view your display... AND YOU CAN'T CUT THEM OFF WITHOUT TERMINATING THE X SERVER.

Use ssh, that is what it was designed for.
 
Old 07-22-2013, 04:23 PM   #13
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,504

Rep: Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992Reputation: 3992
Quote:
Originally Posted by unclesamcrazy View Post
Today I have tried your solution and yes there is nolisten on my system, if I run following command
It shows

If I run same command on server
$ ps -ef | grep nolisten
It shows


I tries to remove it from my system, but it doesn't go.
I tried to kill the process. I tried to reboot it. Restart xserver.
But it is still there. I am using ubuntu 12.10 and server is CentOS 6.3.
Right...AGAIN, you need to modify your local workstation to accept incoming connections. UNTIL YOU DO, REMOTE X SESSIONS WON'T WORK, unless you're using the -X, as you should.

So...back to the original step one: modify your X window manager. Since you only now have said your local workstation is Ubuntu 12.10, a good place to start is actually looking at Google for how to modify this. I believe it uses LightDM, but there are also documents showing how to do it for GDM, like this:
http://pzuk.wordpress.com/2011/10/21...-ubuntu-11-10/
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Remote X Server Can't Open Display markjuggles Linux - General 4 04-15-2014 03:04 PM
Not able to open display of remote server if client is user and server is root unclesamcrazy Linux - Newbie 16 07-22-2013 01:08 PM
Open Text Editor through C-program at server-side and it should display to all client sarworld Linux - Server 3 04-13-2010 02:54 AM
application server cannot open display via SSH mynameisflorian Linux - Server 3 01-22-2009 02:14 PM
Error: Can't open display (X server problem) km4hr Linux - Networking 1 05-09-2006 03:36 PM


All times are GMT -5. The time now is 02:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration