Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
When I ssh into my home server from my laptop, it doesn't seem to handle X11-forwarding anymore. If I run a command like "xclock" I don't see any errors on my terminal and it acts like its running (no new command prompt), but I get no GUI. I think I've narrowed it down a little bit, but now I'm at a sticking point.
I'm running my server headless, but I know that the X11-server is running and working. I can establish a VNC desktop on the machine (X11 display :1.0), log into that and see all the graphics that I want. I also know that my laptop's ssh X11-forwarding is working because it works fine when I connect to a different server.
This used to work, so I don't understand why it won't now. I haven't made any changes that should affect it. My /etc/ssh/sshd_config still contains "AllowTcpForwarding yes" and "X11Forwarding yes" and "X11DisplayOffset 10" the command I use to connect should be correct as well "ssh -X 192.168.0.105" I have tried -Y, but that didn't fix anything.
It seems that there is some sort of a disconnect between sshd and X11 on my server, but I don't know how to get any relevant debugging output. Any thoughts or suggestions?
I'm running my server headless, but I know that the X11-server is running and working.
I'm going to guess that this is the problem. For X forwarding, you don't need X running on your remote machine, but you do need X running on your local machine. In other words, X must be running on the machine originating the SSH connection. X running on the SSH server is irrelevant.
Brian1: I worked through that thread, adding lines to my sshd_config and ssh_config as necessary (mine mostly matched), and it still doesn't work. "echo $DISPLAY" returns "localhost:10.0" but when I run something like xclock, it does nothing. No errors, no window, but I still have to <ctrl>-c to kill the app and get the command line back. If it would help, I can post all the relevant config files. I haven't been able to find anything wrong with them yet, though.
Hangdog42: There is an X11-server running on both client and server. Both should be working; I know that X11 is working on my laptop (originating the ssh connection). If it isn't than I don't know how all these windows are here... :P
From my laptop, I can ssh to machine Z or machine Y and get an X11 program to run. Also, if I ssh into my server from machine Z, I still can't get an X11 window. As well, if I ssh from my laptop to my server, then ssh from server to machine Z (X11 should be forwarded through the two machines back to laptop), X11 doesn't work. If I ssh directly to machine Z, or from laptop to machine Z through machine Y, X11 works.
let me paraphrase:
I take back what I said before, I did just get an error. (I guess Ive been too impatient until now) If I wait long enough after entering "xclock" I get a general "Error: Can't open display: localhost:10.0" Which "localhost" is that referring to? server localhost, or laptop localhost?
Last edited by umichLinux; 01-28-2007 at 08:30 PM.
I tinkered some more, and I found that when I disabled the firewall around my server, it suddenly worked! My firewall rules even blocked network traffic from localhost, including, I assume, X11 connections. Now X11 connections work with the firewall up as long as I have a rule allowing all packets from localhost.
(I don't remember having trouble since I put up the firewall...I guess I just haven't tried since then.)
Depending on what you did to your firewall, this might not be a good thing. If you are really forwarding X through an SSH tunnel, you should only need to have the SSH port open on the server. The problem is that if you opened the ports that X uses, you may have significantly weakened your server's security.