Hi,
I'll just add a little to what Stephen said. Focus on getting #1 to
work, which is to log into a remote machine and open a graphical window.
It looks like you have all the right options on your client end, but you
also have to have it enabled on the machine you are logging into.
On the machine you are logging into, look at your /etc/ssh/sshd_config
and look for the line X11Forwarding, and make sure it is yes, like so
X11Forwarding yes
You also have to make sure that xauth is installed. It is on most every
machine that has X installed, but if you start with a stripped down
server, sometimes you don't get xauth. To check (on SL5) just do
rpm -q xorg-x11-xauth
Also, for me, when I check to see what my display setting is, I always do
echo $DISPLAY
And it should come back something like
localhost:10.0
That is because it's doing an ssh tunnel, so it thinks it's the localhost.
Hope this helps
Troy
Stephen J. Gowdy wrote:
Hi William,
X displays usually are setup to enforce some sort of security.
Otherwise anyone would be able to read your password.
In case 1, was DISPLAY set on hpsl5 before you typed ssh?
I'm not sure case 2 is possible. You should use some sort of
conferencing system to allow remote users to see your display (like EVO).
For case 3 whoever is logged in the X-window should be allowed to
open windows. xauth is used normally to manage authorisation and you could
enable others to open windows on the local machine by extracting the
correct key from whoever has started the x-windows session. If I assume it
is wss, he would type something like;
xauth list > auth.list
then wsshu would type;
xauth merge ~wss/auth.list
assuming he is able to read that file. If not you should copy it somewhere
wsshu can read it. This probably only works till wss exits his X session.
Remember though, you are giving everything you type or see that other
user.
regards,
Stephen.
On Sun, 3 May 2009, William Shu wrote:
I am having difficulties related to X Windowing system. Being a novice and
basically overwhelmed by the X.org documentation. I present below the separate
but related issues which can be summarised as: (1) displaying files from remote
machines, possibly over secure shell; (2) projecting a window or entire screen
onto *multiple* remote displays (monitors); and (3) using the same display when
logged on as distinct users in xterm windows.
In the example, I am on the host machine is hpsl5 (IP: 192.168.10.4) running
SL5.0 and the remote machine is inteksl52 (192.168.10.20) running SL 5.2.
Any assistance would be appreciated.
============================ ISSUE 1 =========================
Displaying *.pdf *.ps files from a remote machine using secure shell ssh -XY, whereas it
used to work (in the distant past). I get the message: "Unable to open the
diplay" .
Even trying to open a specific display (192.168.10.4:0, on tinysl5) with the xlsfonts
command, I still get the message "Unable to open the diplay".
Unfortunately, I do not have a very clear idea how X works; the manpage X(7) is
not too helpful, and dmesg does not issue any messages.
Example output:
[...@hpsl5 ~]$ ssh -XY w...@192.168.10.20
w...@192.168.10.20's password:
Last login: Fri May 1 00:45:23 2009 from 192.168.10.4
[...@inteksl52 ~]$ printenv |grep -ie display
[...@inteksl52 ~]$ dir *.ps
tsi.comp.POST.SENT-13032007_pages25_26.ps
[...@inteksl52 ~]$ gv tsi.comp.POST.SENT-13032007_pages25_26.ps &
[1] 23151
[...@inteksl52 ~]$ gv: Unable to open the display.
[...@inteksl52 ~]$
[...@inteksl52 ~]$ xlsfonts -fn '-*-*-*-*-*-*-0-0-0-0-*-0-*-*'
xlsfonts: unable to open display ''
usage: xlsfonts [-options] [-fn pattern]
where options include:
-l[l[l]] give long info about each font
-m give character min and max bounds
-C force columns
-1 force single column
-u keep output unsorted
-o use OpenFont/QueryFont instead of ListFonts
-w width maximum width for multiple columns
-n columns number of columns if multi column
-display displayname X server to contact
-d displayname (alias for -display displayname)
[...@inteksl52 ~]$
[...@inteksl52 ~]$
[...@inteksl52 ~]$ xlsfonts -d 192.168.10.4:0.0 -fn
'-*-*-*-*-*-*-0-0-0-0-*-0-*-*'
xlsfonts: unable to open display '192.168.10.4:0.0'
usage: xlsfonts [-options] [-fn pattern]
where options include:
-l[l[l]] give long info about each font
-m give character min and max bounds
-C force columns
-1 force single column
-u keep output unsorted
-o use OpenFont/QueryFont instead of ListFonts
-w width maximum width for multiple columns
-n columns number of columns if multi column
-display displayname X server to contact
-d displayname (alias for -display displayname)
============================ ISSUE 2 =========================
How can I display a given window (xterm, pdf file, etc.) on a number of remote
terminal? For exmple, I would want that the pdf file I am scrolling through is
also visible to my remote audience on their screens.
This is probably related to ISSUE 1.
============================ ISSUE 3 =========================
How can I be logged in as 2 distinct users (e.g., wss and wsshu or root) in
terminal windows and still be able to view files *.pdf and *.ps files or choose
my X windows display? On some machines, I I can view the files, possibly with
some complaints, but fails on others, complaining about being unable to open
display. (Unfortunately I cannot reproduce the failure on this machine, in what
is given below.) Xnest does not seem to permit it. How can I go about this?
Example output:
[...@hpsl5 ~]$ Xnest :1
[1]+ Stopped Xnest :1
[...@hpsl5 ~]$ bg
[1]+ Xnest :1 &
[...@hpsl5 ~]$ xterm -display :1
AUDIT: Mon May 4 01:59:19 2009: 27279 Xnest: client 1 rejected from local host
Xlib: connection to ":1.0" refused by server
Xlib: No protocol specified
xterm Xt error: Can't open display: :1
[...@hpsl5 ~]$ su
Password:
[r...@hpsl5 wss]# xterm -display :1
AUDIT: Mon May 4 02:00:23 2009: 27279 Xnest: client 1 rejected from local host
Xlib: connection to ":1.0" refused by server
Xlib: No protocol specified
Warning: This program is an suid-root program or is being run by the root user.
The full text of the error or warning message cannot be safely formatted
in this environment. You may get a more descriptive message by running the
program as a non-root user or by removing the suid bit on the executable.
xterm Xt error: Can't open display: %s
[r...@hpsl5 wss]# exit
exit
[...@hpsl5 ~]$ su wsshu
Password:
[ws...@hpsl5 wss]$ xterm -display :1
AUDIT: Mon May 4 02:01:44 2009: 27279 Xnest: client 1 rejected from local host
Xlib: connection to ":1.0" refused by server
Xlib: No protocol specified
xterm Xt error: Can't open display: :1
[ws...@hpsl5 wss]$ cd
[ws...@hpsl5 ~]$ xterm -display :1
AUDIT: Mon May 4 02:02:33 2009: 27279 Xnest: client 1 rejected from local host
Xlib: connection to ":1.0" refused by server
Xlib: No protocol specified
xterm Xt error: Can't open display: :1
[ws...@hpsl5 ~]$ Xnest :2 &
[1] 27357
[ws...@hpsl5 ~]$ xterm -display :2
AUDIT: Mon May 4 02:03:07 2009: 27357 Xnest: client 1 rejected from local host
Xlib: connection to ":2.0" refused by server
Xlib: No protocol specified
xterm Xt error: Can't open display: :2
[ws...@hpsl5 ~]$ evince icegov2008-registration-noCardDetails-wss.pdf &
[2] 27386
[ws...@hpsl5 ~]$
(evince:27386): GnomeUI-WARNING **: While connecting to session manager:
Authentication Rejected, reason : None of the authentication protocols
specified are supported and host-based authentication failed.
** (evince:27386): WARNING **: Service registration failed.
** (evince:27386): WARNING **: Did not receive a reply. Possible causes
include: the remote application did not send a reply, the message bus security
policy blocked the reply, the reply timeout expired, or the network connection
was broken.
[2]+ Done evince
icegov2008-registration-noCardDetails-wss.pdf
[ws...@hpsl5 ~]$
William.
--
__________________________________________________
Troy Dawson daw...@fnal.gov (630)840-6468
Fermilab ComputingDivision/LCSI/CSI LMSS Group
__________________________________________________
