[SOLVED] SSH: X11 forwarding request failed on channel 0
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
yes, but in a terminal window, or in a console, or during the boot, or? Have you looked at the log of ssh and sshd? try to increase the log level (DEBUG). I still do not know if ssh was really successful and you can log in with it. Also I would like to see the config of ssh and sshd, maybe something is not set correctly. There a lot of things to check and actually there is no info to work with.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,672
Original Poster
Rep:
I'm SSHing from a terminal in XFCE. Both machines are logged into XFCE desktops.
I've attached sshd_config and ssh_config though I've made no changes to ssh_config and use the -X option to forward X. I'm not sure how to start the server with debugging on and where to look for the information it gives.
You can set the log by adding this to the config (both sides):
LogLevel DEBUG
Gives the verbosity level that is used when logging messages from ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and
DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output.
I had to add "X11UseLocalhost no" do sshd_config, which removed the error during ssh connection.
Then the problem with "Can't open display: ..." appeared despite the $DISPLAY variable was set properly, and netstat reported no port 6010.
I have found out that I had no 'lo' interface (only ethN) configured. Adding it allowed proper opening of port :6010 which was missing.
Maybe proper setting up / enabling / diabling INET6 addresses would also do the trick, but I'm fine with my solution
Let me solve all your issues with this............
The X11 Forwarding is effected by disabling IP6 in the Network configuration and not removing all of the IP6 host references. If IP6 is active as in openSUSE 13.1, and you disable IP6, X11 no longer forwards. If your reactivate IP6 then it works again.
I believe you have to remove all references in Hostnames so that is can properly find the IP4 addresses properly when X11 checks.
I think that will solve almost all issues with X11 forwarding from several web sites that I have seen which at no time has this been discussed. Also if X11 has a setting which uses IP6 forwarding and you disable it, you may also need to turn that off so it defaults to IP4 use.
Normally, X doesn't support TCP connections (it usually lacks encrypted sessions, so the authentication is unprotected). It uses local domain sockets in /tmp/.X11-unix/<display number>.
Thus xhost+ does nothing special, except allow any other local user to connect to your X session. It doesn't do anything for remote connections.
sshd establishes its own authentication on the remote (sshd) side. That is where it uses "localhost" or the local host name for a network name. If you have "X11UseLocalHost no" then it will use the host name. If that host name isn't in the /etc/hosts file (or a DNS entry) then it will fail (no IP number available to use for forwarding). If you have "X11UseLocalHost yes", then it will use 127.0.0.1 for the IP number (which should work), followed by the 6000+"X11DisplayOffset" (for the first attempt. If error, it adds one and tries again).
The major advantage "localhost" has is that it helps prevent remote attacks - they must be local attacks instead.
Personally, I think sshd should use domain sockets instead - but that limits using a ssh connection from being a possible network collection point for multiple OTHER connections on the remote network.
You will also get this message if you don't have X packages installed on the remote system. "ssh -v -X hostname" will mention something like "xauth not found". On RHEL6 (CentOS6, etc.), the only change required to fix this message is to 'yum groupinstall "X Window System"' on the remote system. There's probably a smaller set o packages that could be use to fulfil the requirements, but that's the easiest.
You will also get this message if you don't have X packages installed on the remote system. "ssh -v -X hostname" will mention something like "xauth not found". On RHEL6 (CentOS6, etc.), the only change required to fix this message is to 'yum groupinstall "X Window System"' on the remote system. There's probably a smaller set o packages that could be use to fulfil the requirements, but that's the easiest.
It should be in the package xorg-x11-xauth. That is the only thing in there, but it will pull in any X libraries that may be necessary.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.