[OpenIndiana-discuss] X11 Forwarding.. Can't Open Display

Jonathan Leafty jleafty+openindianadiscuss at gmail.com
Mon Aug 22 12:11:19 UTC 2011 

I posted it a couple e-mails ago, I'm new to this whole mailing list thing
too, do attachments come through?

I have exactly those options in my config.

Would you mind posting your ssh_config?

On Sun, Aug 21, 2011 at 6:18 PM, Richard Carback <rick.carback at gmail.com>wrote:

> Can you post your /etc/ssh/sshd_config file?
>
> According to documentation, the options need to be set to something like
> this for it to work:
>
> # X11 tunneling options
> X11Forwarding yes
> X11DisplayOffset 10
> X11UseLocalhost yes
>
> This configuration works for me on multiple operating systems. I am
> using oi-151.
>
> -R
>
> On 8/21/11 3:07 PM, Jonathan Leafty wrote:
> > FYI, I decided to see if maybe Xming was just acting up, enabled
> OpenSSH/X11
> > forwarding on my Ubuntu box and I can successfully launch programs (like
> > gedit).
> >
> > On Sun, Aug 21, 2011 at 11:39 AM, Jonathan Leafty <
> > jleafty+openindianadiscuss at gmail.com> wrote:
> >
> >> On Windows, I use Xming (it's worked prior to the upgrade) and Ubuntu.
> >> I've also just ssh'd from the OpenIndiana host back into itself to try,
> I
> >> remember this worked in the past to test.
> >>
> >> The error when launching something like gedit is always:
> >>  Gtk-WARNING **: cannot open display: localhost:x.0
> >>
> >> Where x is the Offset for the session.  Echo $DISPLAY returns back the
> >> correct information (as far as I know).
> >>
> >> Sorry for the newb questions, I'm sure this is really easy.
> >>
> >> Attached are the configs (still unclear what the difference is for
> >> ssh_config and sshd_config..)
> >>
> >> Between changes I've restarted network/ssh and I've also rebooted.  I
> got
> >> tired of rebooting and decided to ask for help :)
> >>
> >>
> >> On Sun, Aug 21, 2011 at 10:12 AM, Sriram Narayanan <sriram at belenix.org
> >wrote:
> >>
> >>> Sorry, I just realized that you're performing an SSH X11 forwarding,
> >>> so xhost+ won't apply.
> >>>
> >>> -- Sriram
> >>>
> >>> On Sun, Aug 21, 2011 at 10:41 PM, Sriram Narayanan <sriram at belenix.org
> >
> >>> wrote:
> >>>> Some things to check:
> >>>> 1. Did you reload sshd after you changed the config file ?
> >>>> 2. Did you perform an xhost + ?
> >>>>
> >>>> -- Sriram
> >>>>
> >>>> On Sun, Aug 21, 2011 at 10:35 PM, Serge Fonville
> >>>> <serge.fonville at gmail.com> wrote:
> >>>>> Hi,
> >>>>>
> >>>>> A few questions:
> >>>>> Have you looked at the settings in sshd_config.
> >>>>> What error do you get
> >>>>> What software did you use.
> >>>>>
> >>>>> Kind regards/met vriendelijke groet,
> >>>>>
> >>>>> Serge Fonville
> >>>>>
> >>>>> http://www.sergefonville.nl
> >>>>>
> >>>>> Convince Google!!
> >>>>> They need to add GAL support on Android (star to agree)
> >>>>> http://code.google.com/p/android/issues/detail?id=4602
> >>>>>
> >>>>>
> >>>>> 2011/8/21 Jonathan Leafty <jleafty+openindianadiscuss at gmail.com>
> >>>>>
> >>>>>> I recently upgraded my OpenSolaris b134 install to OI 148 and then
> >>> 151a
> >>>>>> I can't seem to get X11 Forwarding to work, every attempt ends in:
> >>>>>> cannot open display: localhost:10.0
> >>>>>>
> >>>>>> It looks like it wasn't enabled after the upgrade in
> >>> /etc/ssh/ssh_config so
> >>>>>> I enabled it there (plus ForwardX11Trusted).  sshd_config has it
> >>> enabled.
> >>>>>> I've tried this from a Windows and Ubuntu box, same result
> >>>>>>
> >>>>>> ssh -v doesn't show anything wrong and I show the OI box listening
> on
> >>> 6010
> >>>>>> (or whatever display offset)
> >>>>>>
> >>>>>> I'm honestly not sure what to do next.
> >>>>>>
> >>>>>> --
> >>>>>> Jonathan
> >>>>>> _______________________________________________
> >>>>>> OpenIndiana-discuss mailing list
> >>>>>> OpenIndiana-discuss at openindiana.org
> >>>>>> http://openindiana.org/mailman/listinfo/openindiana-discuss
> >>>>>>
> >>>>> _______________________________________________
> >>>>> OpenIndiana-discuss mailing list
> >>>>> OpenIndiana-discuss at openindiana.org
> >>>>> http://openindiana.org/mailman/listinfo/openindiana-discuss
> >>>>>
> >>>>
> >>>>
> >>>> --
> >>>> Belenix: www.belenix.org
> >>>>
> >>>
> >>>
> >>> --
> >>> Belenix: www.belenix.org
> >>>
> >>> _______________________________________________
> >>> OpenIndiana-discuss mailing list
> >>> OpenIndiana-discuss at openindiana.org
> >>> http://openindiana.org/mailman/listinfo/openindiana-discuss
> >>>
> >>
> > _______________________________________________
> > OpenIndiana-discuss mailing list
> > OpenIndiana-discuss at openindiana.org
> > http://openindiana.org/mailman/listinfo/openindiana-discuss
>
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>
-------------- next part --------------
#
# Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
#
# Configuration file for sshd(1m) (see also sshd_config(4))
#

# Protocol versions supported
#
# The sshd shipped in this release of Solaris has support for major versions
# 1 and 2.  It is recommended due to security weaknesses in the v1 protocol
# that sites run only v2 if possible. Support for v1 is provided to help sites
# with existing ssh v1 clients/servers to transition. 
# Support for v1 may not be available in a future release of Solaris.
#
# To enable support for v1 an RSA1 key must be created with ssh-keygen(1).
# RSA and DSA keys for protocol v2 are created by /etc/init.d/sshd if they
# do not already exist, RSA1 keys for protocol v1 are not automatically created.

# Uncomment ONLY ONE of the following Protocol statements.

# Only v2 (recommended)
Protocol 2

# Both v1 and v2 (not recommended)
#Protocol 2,1

# Only v1 (not recommended)
#Protocol 1

# Listen port (the IANA registered port number for ssh is 22)
Port 22

# The default listen address is all interfaces, this may need to be changed
# if you wish to restrict the interfaces sshd listens on for a multi homed host.
# Multiple ListenAddress entries are allowed.

# IPv4 only
ListenAddress 0.0.0.0
# IPv4 & IPv6
#ListenAddress ::

# If port forwarding is enabled (default), specify if the server can bind to
# INADDR_ANY. 
# This allows the local port forwarding to work when connections are received
# from any remote host.
GatewayPorts no

# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

# The maximum number of concurrent unauthenticated connections to sshd.
# start:rate:full see sshd(1) for more information.
# The default is 10 unauthenticated clients.
#MaxStartups 10:30:60

# Banner to be printed before authentication starts.
#Banner /etc/issue

# Should sshd print the /etc/motd file and check for mail.
# On Solaris it is assumed that the login shell will do these (eg /etc/profile).
PrintMotd no

# KeepAlive specifies whether keep alive messages are sent to the client.
# See sshd(1) for detailed description of what this means.
# Note that the client may also be sending keep alive messages to the server.
KeepAlive yes

# Syslog facility and level 
SyslogFacility auth
LogLevel info

#
# Authentication configuration
# 

# Host private key files
# Must be on a local disk and readable only by the root user (root:sys 600).
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Length of the server key
# Default 768, Minimum 512
ServerKeyBits 768

# sshd regenerates the key every KeyRegenerationInterval seconds.
# The key is never stored anywhere except the memory of sshd.
# The default is 1 hour (3600 seconds).
KeyRegenerationInterval 3600

# Ensure secure permissions on users .ssh directory.
StrictModes yes

# Length of time in seconds before a client that hasn't completed
# authentication is disconnected.
# Default is 600 seconds. 0 means no time limit.
LoginGraceTime 600

# Maximum number of retries for authentication
# Default is 6. Default (if unset) for MaxAuthTriesLog is MaxAuthTries / 2
MaxAuthTries	6
MaxAuthTriesLog	3

# Are logins to accounts with empty passwords allowed.
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK 
# to pam_authenticate(3PAM).
PermitEmptyPasswords no

# To disable tunneled clear text passwords, change PasswordAuthentication to no.
PasswordAuthentication yes

# Are root logins permitted using sshd.
# Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user
# maybe denied access by a PAM module regardless of this setting.
# Valid options are yes, without-password, no.
PermitRootLogin no

# sftp subsystem
Subsystem	sftp	internal-sftp


# SSH protocol v1 specific options
#
# The following options only apply to the v1 protocol and provide
# some form of backwards compatibility with the very weak security
# of /usr/bin/rsh.  Their use is not recommended and the functionality
# will be removed when support for v1 protocol is removed.

# Should sshd use .rhosts and .shosts for password less authentication.
IgnoreRhosts yes
RhostsAuthentication no

# Rhosts RSA Authentication
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts.
# If the user on the client side is not root then this won't work on
# Solaris since /usr/bin/ssh is not installed setuid.
RhostsRSAAuthentication no

# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication.
#IgnoreUserKnownHosts yes

# Is pure RSA authentication allowed.
# Default is yes
RSAAuthentication yes

More information about the OpenIndiana-discuss mailing list