LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 10-13-2013, 10:08 PM   #1
jim.thornton
Member
 
Registered: May 2007
Posts: 308

Rep: Reputation: 17
Can't get X11 Forwarding to work


I've just setup a new server running Debian 7. I am trying to get X11 forwarding to work but I can't get it to work.

Does X-Windows have to be installed on the server in order for it to forward to my remote laptop?

Scenario:
Server: Remote VPS (ip: xxx.xx.xx.xx)
Laptop: Local LAN (running Linux Mint 13)
Terminal: Just using the basic terminal installed with Linux Mint.

I ssh -X into the Server.

But X11 forwarding doesn't seem to be working.
 
Old 10-14-2013, 02:58 AM   #2
mddesai
Member
 
Registered: Mar 2013
Location: Bengaluru, India
Distribution: Redhat, Arch
Posts: 478

Rep: Reputation: 132Reputation: 132
In server install
Code:
apt-get install xauth
More: How to enable X11 forwarding using ssh

Last edited by mddesai; 10-14-2013 at 03:02 AM.
 
Old 10-14-2013, 04:25 AM   #3
JJJCR
Member
 
Registered: Apr 2010
Posts: 540

Rep: Reputation: 25
from this link: http://www.debian.org/doc/manuals/de...e/ch07.en.html

Quote:
7.5.4. Connecting a remote X client via SSH

The use of "ssh -X" enables a secure connection from a local X server to a remote application server.

Set "X11Forwarding" entries to "yes" in "/etc/ssh/sshd_config" of the remote host, if you want to avoid "-X" command-line option.

Start the X server on the local host.

Open an xterm in the local host.

Last edited by JJJCR; 10-14-2013 at 04:25 AM. Reason: edit
 
Old 10-14-2013, 09:12 AM   #4
jim.thornton
Member
 
Registered: May 2007
Posts: 308

Original Poster
Rep: Reputation: 17
Thank you... I have already set the X11Forwarding to yes in the config file on both the server and the client.

When you say start X server on local, not sure what you mean? On my laptop or on the server? Wouldn't the X Server be running since I use the GUI in Mint??

I have been using the regular terminal. Will that not work?
 
Old 10-14-2013, 09:34 AM   #5
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,834

Rep: Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370Reputation: 2370
Quote:
Originally Posted by jim.thornton View Post
Thank you... I have already set the X11Forwarding to yes in the config file on both the server and the client.
When you say start X server on local, not sure what you mean? On my laptop or on the server? Wouldn't the X Server be running since I use the GUI in Mint??

I have been using the regular terminal. Will that not work?
Yes, it will, and you are running an X server. However, your X server must allow incoming connections, otherwise it will fail. Go into a terminal window and type in "ps -ef | grep -i listen". If you see a line with "nolisten" in it, it's probably your X server. By default (for security purposes), it's disabled. This guide:
http://community.linuxmint.com/tutorial/view/1253

...will help you.
 
Old 10-14-2013, 09:39 AM   #6
jim.thornton
Member
 
Registered: May 2007
Posts: 308

Original Poster
Rep: Reputation: 17
Do I have to change this:

Code:
 Export display to the local machine:

$ export DISPLAY=local_ip:0.0
I have a dynamic IP. In addition, then I would have to setup port forwarding wouldn't I?
 
Old 10-14-2013, 10:16 AM   #7
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,299

Rep: Reputation: 395Reputation: 395Reputation: 395Reputation: 395
Quote:
Originally Posted by jim.thornton View Post
Do I have to change this:

Code:
 Export display to the local machine:

$ export DISPLAY=local_ip:0.0
I have a dynamic IP. In addition, then I would have to setup port forwarding wouldn't I?
what has the dynamic IP? the server on your VPS, or your laptop.

if you are talking about your laptop who cares, its an outgoing request, has nothing to do with your IP.

if your server has a dynamic IP, its not much use as a server unless you are running some type of dynamic DNS.

on the server (your VPS) you have to have at least xauth installed as noted above. You also have to have allow X11Forwarding configured on the server.

So far as your client is concerned it should not matter, you should not have to make any changes to the client. the use of -X or -Y should activate X11Forwarding via your ssh connection.

you can always run -vv in your ssh connection to get more details.

Code:
[user@user ~]$ ssh -vv user@localhost
OpenSSH_6.2p2, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/user/.ssh/config
debug1: /home/user/.ssh/config line 13: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5-etm@openssh.com
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug2: mac_setup: found hmac-md5-etm@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 528/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA e5:6a:bb:c5:a4:33:80:2f:08:9a:71:40:9e:95:08:f6
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:8
debug2: bits set: 499/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/user/.ssh/id_rsa (0x7f107be1eee0),
debug2: key: /home/user/.ssh/id_dsa ((nil)),
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
user@localhost's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to localhost ([::1]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: x11_get_proto: /usr/bin/xauth  list :0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 1
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-agent-req@openssh.com confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug2: channel 0: request env confirm 0
debug1: Sending env LANG = en_US.utf8
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: X11 forwarding request accepted on channel 0
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Mon Oct 14 11:11:12 2013 from localhost
[user@user ~]$
looking through that output you can see X11 is active in my forwarding and i had to provide a p/w instead of use my normal ssh key. ive not setup my laptop to use a key to log in locally.

That will tell you much more then just shooting in the dark.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
X11 Forwarding Oxagast Linux - Software 1 09-02-2008 03:14 AM
Unable to get X11 port forwarding to work in SSH Windowns Solaris / OpenSolaris 19 09-28-2006 05:52 AM
X11 forwarding doesn´t work anymore!? overlord73 Fedora 3 04-01-2005 01:09 AM
X11 forwarding paul_mat Linux - Newbie 3 12-12-2004 06:30 PM


All times are GMT -5. The time now is 10:24 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration