LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   ssh over ssh - X forwarding (https://www.linuxquestions.org/questions/linux-software-2/ssh-over-ssh-x-forwarding-417443/)

b0uncer 02-20-2006 03:26 AM
ssh over ssh - X forwarding
 
So, here I am. There is a program that I need to use, on a machine I cannot ssh to directly..I can ssh to another machine, from where I can access that other machine, and run the program (in text mode) over ssh over ssh.

But, I'd need to get it X-forwarded (the GUI would be in this case far better than text). The first machine where I ssh to does X-forwarding ok, and I get all kinds of X-stuff over the ssh. And the other machine does X-forwarding, or at least it ought to do, but it seems it only forwards to the first machine, and not to my machine..

Is it possible to get the X-forwarding work from the 2nd machine via the 1st machine to my own machine? Or does it simply "die" on the 1st machine that's between me and the program. Damn. That sounded complex..

Also, could it have something to do with this that I only seem to get the X-forwarding work if I start ssh with root privileges (which is really not what I'd like to do)?

Here's what's happening in a text-based gui :)

MyMachine <---ssh---> Machine1 <---ssh---> TheApp

And here's what ought to happen:

MyMachine <--ssh/X11--> Machine1 <--ssh/X11--> TheApp

So, ssh-gurus, ideas? :)

P.s. I can't ssh to the other machine directly because the connections are restricted to the "inner" network only, and only one machine is able to take (only certain) connections from the outside world..

spooon 02-20-2006 03:32 AM
It should work. What commands are you using? Are you sure that machine 2 accepts X forwarding?

jschiwal 02-20-2006 04:15 AM
I could be that your machine is rejecting the X server traffic from the second machine. Try using the '-Y' option and see if that works.

b0uncer 02-20-2006 09:03 AM
no, it doesn't work..even with the -Y option. I only get

xset: unable to open display ""
xset: unable to open display ""
xset: unable to open display ""
Can't open display

and that's it..and the X11 forwarding is enabled in both of the machines as far as I know. From the first machine (the one that's between me and the program) I can run things like xclock and they do appear in my own desktop, but anything started from the 2nd machine where the program I need is, only gives me those xset: -lines...

I've set in my ssh settings X11 forwarding (both trusted and the other one) enabled, and it works (I can run xclock from the 1st machine), but only if I sudo ssh. When I have a connection to the other machine, I simply run the command I need ("xclock" command works) without any special options..

CatGrampy 02-20-2006 01:22 PM
Did you try ssh -X ?

b0uncer 02-20-2006 01:41 PM
I tried ssh -X a moment ago, no luck :/ I really wonder what is going on, since I checked again, and X11Forwarding is enabled on both of the machines, but something happens between the 1st and the 2nd machine since the forwarding works from the 1st machine, but not from the 2nd..

I only wonder what could happen between the machines..

pAn1k 02-20-2006 02:18 PM
Are you trying to do this as a regular user, or as root?

jschiwal 02-20-2006 07:18 PM
When you ssh to the second machine, check the value of the DISPLAY variable. It should be something like ":10.0" or "11:0" but I'm guessing that it isn't defined.

jschiwal 02-20-2006 07:22 PM
Check both the /etc/ssh/ssh_config and /etc/sshd_config files.

From /etc/ssh/sshd_config:
UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes

b0uncer 02-27-2006 09:16 AM
problem solved.

for some reason doing ssh -X in both of the machines (my own and the one between me and the 2nd machine) caused the program to run. Nice. Still I thought the ssh_config files were ok on every machine, so that the -X wouldn't be needed..anyway, not supposing anything and just using that -X did the trick :) I haven't found out yet why I have to use that -X on the 2nd machine too, since the configs say X11 forwarding is enabled..

well, now I learnt not to trust simple config files before trying command line options first. Thanks for everybody for you assistance..

timmeke 02-27-2006 10:12 AM
Enabling X11 doesn't necessarily mean that you want to use it.
There is a difference between the server config that enables (aka "allows" the forwarding of X11 connections and the client that actually "asks" to get an X11 connection over the SSH connection (this is the -X option).

If the client can ask for X11 connections by default in his config, then you should have the same X11 settings for SSH on both your machine and "machine1" to make it work, I suppose.


All times are GMT -5. The time now is 07:07 AM.