[SOLVED] Unable to use X11 forwarding after Decrypting Encrypted Home Directory
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Unable to use X11 forwarding after Decrypting Encrypted Home Directory
Hello Everyone,
I am experiencing issues using SSH and X11 Forwarding. My setup is an Ubuntu Server running Ubuntu 15.10 (Server) soon to be upgraded to 16.04 (with DEs and applications for forwarding), a Dell Inspiron Mini netbook (Client) (Mainly used for WAN), and other Linux Machines (Used mainly on LAN/WLAN). My question is, how do I use X11 forwarding with an encrypted home directory? The server is headless.
The error Message upon starting the Graphical UI is:
"xrdb: Resource temporarily unavailable"
"X11 Connection Rejected: Wrong Authentication"
"Cannot Open Display"
"Connection to |------Host------| Closed."
I currently use RSA keys for authentication. I have moved my authorized keys file to /etc/ so I can login (given that the home directory is encrypted).
All help is greatly appreciated.
Sincerely,
d3h
Last edited by donald3.heckel; 04-29-2016 at 09:23 AM.
I am able to log in successfully without issue. I have X11 Forwarding enabled on the server side in my sshd_config. I cannot forward it at this time even after decrypting my home directory. I would like to mention that there is a timeout in locking .Xauthority upon connecting.
(X11Forwarding = yes).
Sincerely,
donald3.heckel
Last edited by donald3.heckel; 04-29-2016 at 11:54 AM.
In regards to the "login -p" option, I was utilizing the login command in order to login on top of the SSH connection to try X11 forwarding as such. I believe the -p flag is for "prompt" I believe as in some sort of virtual TTY (Please correct me if I am wrong). The .Xauthority file should be well in place to execute the X11 environment.
I am using the stock OpenSSH client for Linux (Linux distributions mainly involving Ubuntu variants) to log in to my aforementioned server.
Let me know if there is anymore information you need.
Sincerely,
donald3.heckel
Last edited by donald3.heckel; 05-01-2016 at 04:39 PM.
Reason: Adding/Updating Information/Scenario
X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
Failed to connect to Mir: Failed to connect to server socket: No such file or directory
Unable to init server: Broadway display type not supported: |------Host------|:10.0
Error: cannot open display: |------Host------|:10.0
with the .Xauthority intact.
Sincerely,
donald3.heckel
Last edited by donald3.heckel; 05-01-2016 at 08:04 PM.
Reason: Redacted the host for security purposes.
X11 forwarding works when I log into the local machine to decrypt the home directory. I also have the server running on runlevel 3 because my goal is to have a headless, command line only interface that can forward applications. Would it be possible to accomplish that? Or would it need to be in runlevel 5 to forward applications?
If I have to have runlevel 5 for application forwarding, then I would like to do it without a display manager.
Sincerely,
donald3.heckel
Last edited by donald3.heckel; 05-01-2016 at 08:08 PM.
it seems as if it will only forward if I am logged in to a TTY or something to that effect. It keeps giving me those messages. It would be nice to be able to forward over SSH without having to log in locally on the machine.
The messages are as follows:
Code:
debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384
debug1: client_request_x11: request from 127.0.0.1 51440
debug1: channel 1: new [x11]
debug1: confirm x11
X11 connection rejected because of wrong authentication.
debug1: channel 1: free: x11, nchannels 2
Error: Can't open display: |------HOST------|:10.0
Anymore suggestions?
It shows x11 is there, but it rejects authentication. When I switch runlevels, I get the following:
Code:
sudo telinit 3
PolicyKit daemon disconnected from the bus.
We are no longer a registered authentication agent.
Code:
sudo telinit 5
PolicyKit daemon disconnected from the bus.
We are no longer a registered authentication agent.
PolicyKit daemon reconnected to bus.
Attempting to re-register as an authentication agent.
We are now a registered authentication agent.
and yet... Still no forwarding even on runlevel 5
I hope my server can ubuntu serve me some ubuntu grade espresso before too long.
Are you in your LAN? Then you could use native feature of X to run in one machine and display on another as workaround, it does not require SSH. I wouldn't do it over internet, though.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.