Find the answer to your Linux question:
Results 1 to 9 of 9
hello, i was wondering how to set up ssh -X to work. I have already configured /etc/ssh/sshd_config to include forwardx11 yes but it still tells me that it cannot connect ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2006
    Posts
    90

    ssh -x


    hello, i was wondering how to set up ssh -X to work. I have already configured /etc/ssh/sshd_config to include forwardx11 yes but it still tells me that it cannot connect to the xserver on the remote machine. Is there a DETAILED guide or am i missing something?

  2. #2
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,133
    Two things to check
    • Have you set the forwardx11 option on the remote machine and restarted sshd
    • You used a lowercase 'x' in the thread title, are you using the correct ssh -X

  3. #3
    Just Joined!
    Join Date
    Nov 2006
    Posts
    90
    yes and yes.

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Nov 2006
    Posts
    90
    does this say anything helpful? the last line said that the x11 is forwarded but I am still unable to connect. It said that "could not open display" -or- "could not connect to xserver" depending on the program.


    ssh -Y -C -v kainalu@192.168.0.100
    OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to 192.168.0.100 [192.168.0.100] port 22.
    debug1: Connection established.
    debug1: identity file /home/kainalu/.ssh/identity type -1
    debug1: identity file /home/kainalu/.ssh/id_rsa type -1
    debug1: identity file /home/kainalu/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.5
    debug1: match: OpenSSH_4.5 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.6
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com
    debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host '192.168.0.100' is known and matches the RSA host key.
    debug1: Found key in /home/kainalu/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/kainalu/.ssh/identity
    debug1: Trying private key: /home/kainalu/.ssh/id_rsa
    debug1: Trying private key: /home/kainalu/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:
    debug1: Enabling compression at level 6.
    debug1: Authentication succeeded (keyboard-interactive).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.
    debug1: Requesting X11 forwarding with authentication spoofing.
    Last login: Sat Jul 21 23:24:48 2007 from photon.local

  6. #5
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,133
    It all looks good there (unfortunately). Can you post the sshd_config and ssh_config from client and server here?

  7. #6
    Just Joined!
    Join Date
    Nov 2006
    Posts
    90
    from server:

    ssh_config:
    Code:
    #       $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $
    
    # This is the ssh client system-wide configuration file.  See
    # ssh_config(5) for more information.  This file provides defaults for
    # users, and the values can be changed in per-user configuration files
    # or on the command line.
    
    # Configuration data is parsed as follows:
    #  1. command line options
    #  2. user-specific file
    #  3. system-wide file
    # Any configuration value is only changed the first time it is set.
    # Thus, host-specific definitions should be at the beginning of the
    # configuration file, and defaults at the end.
    
    # Site-wide defaults for some commonly used options.  For a comprehensive
    # list of available options, their meanings and defaults, please see the
    # ssh_config(5) man page.
    
    # Host *
    #   ForwardAgent no
    #   ForwardX11 yes
    #   RhostsRSAAuthentication no
    #   RSAAuthentication yes
    #   PasswordAuthentication yes
    #   HostbasedAuthentication no
    #   GSSAPIAuthentication no
    #   GSSAPIDelegateCredentials no
    #   BatchMode no
    #   CheckHostIP yes
    #   AddressFamily any
    #   ConnectTimeout 0
    #   StrictHostKeyChecking ask
    #   IdentityFile ~/.ssh/identity
    #   IdentityFile ~/.ssh/id_rsa
    #   IdentityFile ~/.ssh/id_dsa
    #   Port 22
    #   Protocol 2,1
    #   Cipher 3des
    #   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
    #   EscapeChar ~
    #   Tunnel no
    #   TunnelDevice any:any
    #   PermitLocalCommand no

    sshd_config:

    Code:
    #       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
    
    # This is the sshd server system-wide configuration file.  See
    # sshd_config(5) for more information.
    
    # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
    
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented.  Uncommented options change a
    # default value.
    
    #Port 22
    Protocol 2
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    
    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key
    
    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 768
    
    # Logging
    # obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    #LogLevel INFO
    
    # Authentication:
    
    #LoginGraceTime 2m
    PermitRootLogin no
    #StrictModes yes
    #MaxAuthTries 6
    
    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile     .ssh/authorized_keys
    
    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes
    
    # To disable tunneled clear text passwords, change to no here!
    PasswordAuthentication no
    #PermitEmptyPasswords no
    
    # Change to no to disable s/key passwords
    #ChallengeResponseAuthentication yes
    
    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no
    
    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes
    
    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication mechanism.
    # Depending on your PAM configuration, this may bypass the setting of
    # PasswordAuthentication, PermitEmptyPasswords, and
    # "PermitRootLogin without-password". If you just want the PAM account and
    # session checks to run without PAM authentication, then enable this but set
    # ChallengeResponseAuthentication=no
    UsePAM yes
    
    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding yes
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10
    #PermitTunnel no
    
    # no default banner path
    #Banner /some/path
    
    # override default of no subsystems
    Subsystem       sftp    /usr/lib/misc/sftp-server

    I have to do the client later because i have that computer powered down for maintenance
    Last edited by bigtomrodney; 07-22-2007 at 08:57 PM.

  8. #7
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,133
    From the server config file :-
    Code:
    # ForwardX11 yes
    The option for X forwarding is commented out with a hash (#). Remove this hash to activate the setting and restart sshd on the server. It should work then

    EDIT - I just added code tags to make the config files a bit more readable

  9. #8
    Just Joined!
    Join Date
    Nov 2006
    Posts
    90
    (slaps head) I have lost my touch!!! that did it

  10. #9
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,133
    Just glad you got it working

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •