Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I want to open server's display on my system without using -X with ssh.
I want to log into server using ssh 192.168.xx.xx, now I try to open the server's display on my system. It says "can not open".
What display variable should I export on the server's command line?
I have run on the server
# export DISPLAY="localhost=10.0"
but it still does not open the display of server on my system.
Is ssh -X is the only method to see display of remote host?
I want to open server's display on my system without using -X with ssh. I want to log into server using ssh 192.168.xx.xx, now I try to open the server's display on my system. It says "can not open". What display variable should I export on the server's command line?
I have run on the server
# export DISPLAY="localhost=10.0"
but it still does not open the display of server on my system.
Right...why would it? You have set the X display on the remote server, to be ON that server, not on your workstation. When you log in to the remote server, "localhost" references the system you're ON.
Quote:
Is ssh -X is the only method to see display of remote host?
Please read the last post in there, and this has also been covered MANY times on this site. Again, the steps are:
Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
On your local workstation, type in "xhost +" (a bit insecure), or "xhost <ip address of remote server>" (better)
SSH to your remote server
Type in "export DISPLAY=<ip address of LOCAL workstation>:0"
Thanks for your prompt reply.
The problem of previous thread is solved because they have taken my machine, that's why I didn't reply on the thread. but now, the machine is new, the set up is new, everything is new so the problem is new.
I can log into the remote server using ssh -X IP-of-the-remote-machine and I am able to open remote machine's display on my system.
But if I log into remote machine using ssh IP-of-the-remote-machine, now if I try to open display it says, can't open display.
It is fine because display variable is not set becaue I haven't used -X with ssh but now I try to set display variable on remote machine using command line, it still says "can not open display"
I ran following command on the remote host machine's command prompt.
Quote:
# export DISPLAY="localhost:10.0"
now if I run
Quote:
echo $DISPLAY
it says
Quote:
localhost:10.0
It is the same output which is shown when I run echo $DISPLAY after logging in using ssh -X
then why does it not open the display?
If I log in using
Quote:
ssh IP-of-remote-machine
and run
Quote:
echo $DISPLAY
it shows blank out put, it is fine because display variable is not set so I set them manually using command line by using this comamnd
Quote:
# export DISPLAY="localhost:10.0"
Then it doesn't open the display.
I have set the display variable on my system too using
Quote:
# export DISPLAY=":0.0"
When I run
Quote:
echo $DISPLAY
it shows
Quote:
:0.0
it is the same output which is appeared when I open the display of remote host on my system using ssh -X.
Last edited by unclesamcrazy; 07-18-2013 at 09:50 AM.
Thanks for your prompt reply.
The problem of previous thread is solved because they have taken my machine, that's why I didn't reply on the thread. but now, the machine is new, the set up is new, everything is new so the problem is new.
I can log into the remote server using ssh -X IP-of-the-remote-machine and I am able to open remote machine's display on my system.
...which is what you should be doing, so if it works, then continue.
Quote:
But if I log into remote machine using ssh IP-of-the-remote-machine, now if I try to open display it says, can't open display.
It is fine because display variable is not set becaue I haven't used -X with ssh but now I try to set display variable on remote machine using command line, it still says "can not open display" I ran following command on the remote host machine's command prompt.
...and see my previous post, which explains how to do it without the "-x" parameter, which is what you asked. Those are detailed steps...can't tell you more than that.
Look at the ssh configuration file (on my system, /etc/ssh/ssh_config). There is an option (usually commented out) "# ForwardX11 no". This shows the default configuration compiled in so change the "no" to "yes" and uncomment.
After that, the -X option is the default.
Note: for it to work, the server must also allow X
Thanks TB0ne for your reply as well as jpollard too.
the five steps you mentioned in my last thread looking perfect but may be I am doing any silly mistake, I am facing same problem if I don't use -X with ssh.
The obvious question is why I don't want to use -X when ssh gives us the facility. Actually I want to understand the mechanism behind ssh and X11.
I learned these links, but I couldn't understand about export display variable. http://en.wikipedia.org/wiki/X_Window_System
it says
Quote:
To use an X client application on a remote machine, the user does the following:
request local display/input service (e.g., export DISPLAY=[user's machine]:0 if not using SSH with X forwarding or 'tunneling' enabled).
I think you said the same thing in your previous thread
Quote:
A short version of things, some of which you seem to have done already:
Log in to your local workstation as your regular user ID.
Run "xhost +" or "xhost <ip address of remote server>".
SSH to the remote server as your regular user ID.
Assuming you're using BASH, run "export DISPLAY=<ip address of your local workstation>:0"
Run "sudo <command name of whatever X application you want to run>".
I think your fourth step is same as wikipedia's suggestion but it is not working me If I try to log in without using -X with ssh.
I have followed these steps.
1)I open my system, I am using ubuntu 12.10. I log in as user. My IP is 192.168.1.10
2) I run following command on my terminal.
Quote:
$ xhost +
it says
Quote:
access control disabled, clients can connect from any host
or if I run
Quote:
$ xhost 192.168.1.20
it says
Quote:
192.168.1.20 being added to access control list
3) Now I open the terminal and log into server as a user. Server is CentOS-6.3 and it's IP is 192.168.1.20
$ ssh user@192.168.1.20
4) Now I reach on server's user's command prompt. I run following command on server's command prompt
Quote:
$ export DISPLAY=192.168.1.10:0
It says nothing,it shows the prompt again. if I run
Quote:
echo $DISPLAY
it says
Quote:
192.168.1.10:0
Now I try to open server's display on my system using
Quote:
$ sudo gnome-session-properties
It says
Quote:
** (gnome-session-properties:27545): WARNING **: Unable to start: Cannot open display:
If I try to open gedit using
Quote:
$ sudo gedit
it says
Quote:
(gedit:27615): Gtk-WARNING **: cannot open display: 192.168.1.10:0
I don't know where am I wrong.
I just do not want to do this task otherwise I can do it using ssh -X. I want to learn it, how it can be done.
I have read enough theories during my college but they are incomplete without practicals. I got 81 out of 100 in my Linux Admin theory paper but what is the use of this if I can't export a simple display variable.
I have a chance to do practicals now. I don't want to be GURU or VETERAN here but at least I should do this simple jobs by my own. They look very easy if you write 2 or 3 pages about them and get 15 or 16 out of 20 but challenges are here in front of monitor. that's why I am asking these silly questions.
Thanks for your precious time and help.
Last edited by unclesamcrazy; 07-19-2013 at 06:28 AM.
Thanks TB0ne for your reply as well as jpollard too.
the five steps you mentioned in my last thread looking perfect but may be I am doing any silly mistake, I am facing same problem if I don't use -X with ssh.
The obvious question is why I don't want to use -X when ssh gives us the facility. Actually I want to understand the mechanism behind ssh and X11.
I learned these links, but I couldn't understand about export display variable. http://en.wikipedia.org/wiki/X_Window_System
it says
I think you said the same thing in your previous thread
I think your fourth step is same as wikipedia's suggestion but it is not working me If I try to log in without using -X with ssh.
I have followed these steps.
1)I open my system, I am using ubuntu 12.10. I log in as user. My IP is 192.168.1.10
2) I run following command on my terminal.
Code:
xhost +
it says
Code:
access control disabled, clients can connect from any host
or if I run
Code:
$ xhost 192.168.1.20
it says
Code:
192.168.1.20 being added to access control list
3) Now I open the terminal and log into server as a user. Server is CentOS-6.3 and it's IP is 192.168.1.20
$ ssh user@192.168.1.20
4) Now I reach on server's user's command prompt. I run following command on server's command prompt
Code:
$ export DISPLAY=192.168.1.10:0
It says nothing,it shows the prompt again. if I run
Code:
echo $DISPLAY
it says
Code:
192.168.1.10:0
Now I try to open server's display on my system using
Code:
$ sudo gnome-session-properties
It says
Code:
** (gnome-session-properties:27545): WARNING **: Unable to start: Cannot open display:
If I try to open gedit using
Code:
$ sudo gedit
it says
Code:
(gedit:27615): Gtk-WARNING **: cannot open display: 192.168.1.10:0
I don't know where am I wrong.
I just do not want to do this task otherwise I can do it using ssh -X. I want to learn it, how it can be done.
I have read enough theories during my college but they are incomplete without practicals. I got 81 out of 100 in my Linux Admin theory paper but what is the use of this if I can't export a simple display variable.
I have a chance to do practicals now. I don't want to be GURU or VETERAN here but at least I should do this simple jobs by my own. They look very easy if you write 2 or 3 pages about them and get 15 or 16 out of 20 but challenges are here in front of monitor. that's why I am asking these silly questions.
Thanks for your precious time and help.
Ok....go back to the VERY FIRST STEP, posted here again:
Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
Did you do that?
ssh forwards X connections, providing an encryption connection to the X server.
Using xhost, in any form, weakens the security of the server by essentially, disabling it.
What sshd does (when forwarding) is to open a second port (6000+offset, where 6000 is the default X TCP port). This second port receives any X connection when the DISPLAY environment variable is set to localhostffset. The "localhost" allows sshd to handle the network connection.
In addition to this, sshd is given an unprivileged access key which it saves in the Xauthority file associated with the "localhostffset" entry. Any TCP connection to the defined X socket is encrypted, tagged as a X data packet (along with a connection id), and forwarded over the ssh tcp connection. The ssh client receives the packet, and then opens a socket to the users X server (if it is an unidentified connection id). This socket is associated (in a table) with the connection established with the sshd connection so that future packets received from the X server will go the correct socket connection established on the sshd side so that the decrypted data can be returned to the application. Decrypted data for already open sockets are then routed to the appropriate place based on the connection id, thus providing a two-way communication between the users local X server, and the remote X application.
In addition to the encryption, ssh provides some data compression as well. Due to the nature of TCP X connections, multiple data packets can be received, packaged together, compressed, encrypted, and passed on. In some/many instances, ssh forwarded X is faster than nearly all connections. Only live video seems to have a bit of a problem.
I think that slowdown is due to the inability to make use of the shared memory connection to the X server. The other limitation is that some applications bypass the X protocol entirely by obtaining a direct connection to the video interface - this can cause some issues (moving a video display around sometimes doesn't quite keep up with the X servers idea of where the window is).
Thanks TB0ne
I will try this on monday and reply here since saturday sunday is off for me and there is no home network in my home. As long as my office will not know about this, i will try to learn as many functionalities.
Thanks again.
Thanks jpollard
thanks for explanation. Last para was little tough for me whete you explained why live videos are slow and decrypted data and open socket part but if i want to learn i will have to understand this difficult concept too.
As soon as i reach to my system, i will start exploring again.
Thanks
I tries to remove it from my system, but it doesn't go.
I tried to kill the process. I tried to reboot it. Restart xserver.
But it is still there.
I am using ubuntu 12.10 and server is CentOS 6.3.
If you kill that process, xdm/kdm/whichever display manager will restart it. And, as Tbone said "How you fix this depends on your version/distro of Linux."
Running such an open X server is an invitation to failed security. That is WHY it is disabled. The X access keys, if any, are passed unencrypted. If no access keys, then ANYONE from the host (assuming using xhost +hostname) or ANYONE from ANYWHERE (using xhost +) can access your system, read your keystrokes, view your display... AND YOU CAN'T CUT THEM OFF WITHOUT TERMINATING THE X SERVER.
Today I have tried your solution and yes there is nolisten on my system, if I run following command
It shows
If I run same command on server
$ ps -ef | grep nolisten
It shows
I tries to remove it from my system, but it doesn't go.
I tried to kill the process. I tried to reboot it. Restart xserver.
But it is still there. I am using ubuntu 12.10 and server is CentOS 6.3.
Right...AGAIN, you need to modify your local workstation to accept incoming connections. UNTIL YOU DO, REMOTE X SESSIONS WON'T WORK, unless you're using the -X, as you should.
So...back to the original step one: modify your X window manager. Since you only now have said your local workstation is Ubuntu 12.10, a good place to start is actually looking at Google for how to modify this. I believe it uses LightDM, but there are also documents showing how to do it for GDM, like this: http://pzuk.wordpress.com/2011/10/21...-ubuntu-11-10/
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.