Find the answer to your Linux question:
Results 1 to 6 of 6
So I made another post before, and I'm having a bit of a hard time with this problem. I have a Unix server unconnected to the internet, we'll call it ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2012
    Posts
    10

    X11 Forwarding Twice


    So I made another post before, and I'm having a bit of a hard time with this problem.

    I have a Unix server unconnected to the internet, we'll call it the server. I have a Linux running RedHat connected to the Unix server through a network switch, we'll call it machine1. I now have a VirtualBox running Fedora, we'll call it machine2.

    The Unix (server) shell is tsch, both the RedHat and Fedora (machine1 and machine2) shells are bash.

    I can use "ssh -Y" to connect from machine2 to machine1 and display graphics. I can use "ssh -Y" or telnet to connect from machine1 to the server. However, when I use "ssh -Y" from machine1 to the server I don't have a DISPLAY environment variable on the server; I have to set it myself. If I set it to the IP address of machine1 (the IP address of machine1 on the network switch), I can display graphics on machine1.

    However, when I connect from machine2 to machine1 through "ssh -Y machine1," then from the remotely logged in machine1 to the server with either SSH or telnet, I'm unable to display graphics. I tried setting the DISPLAY variable to the IP address (from the network switch) of machine1, which didn't work (let's call this IP address 192.168.x.x). I tried setting it to the IP address of machine2, which didn't work either, which makes sense as the server isn't connected to the internet. When I try to set it to "localhost:10.0," whenever I call something (like xterm), it pauses for a second then says that it can't connect to localhost:10.0.

    Since machine1's DISPLAY variable after SSHing is "localhost:10.0" I thought it should work. Then I thought maybe I should set it the IP address of the network switch of machine1, except set it to port 10 instead of 0 (e.g. setenv DISPLAY 192.168.x.x:10.0), and this didn't work either.

    Does anyone know what's wrong? The Unix server is very old and I'm afraid that's what's causing the problem; I doubt I'd be able to fix it because all the ways I know how to open ports and ensure X11 forwarding is on doesn't work on such an old machine. HOWEVER, remember that machine1 can get graphics from the Unix server through either SSH or telnet; the caveat is that you have to set the DISPLAY variable by hand when connecting with SSH.

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,864
    Have you tried using
    Code:
    ssh -X ...
    (that's a capital X)

    This will do normal X forwarding over the secure channel. Y is supposed to tell ssh to bypass the X security mechanisms, but I'm not sure (from reading the ssh man page) if it actually enable X11 forwarding too.
    Linux user #126863 - see http://linuxcounter.net/

  3. #3
    Just Joined!
    Join Date
    Sep 2012
    Posts
    10
    Quote Originally Posted by Roxoff View Post
    Have you tried using
    Code:
    ssh -X ...
    (that's a capital X)

    This will do normal X forwarding over the secure channel. Y is supposed to tell ssh to bypass the X security mechanisms, but I'm not sure (from reading the ssh man page) if it actually enable X11 forwarding too.
    I initially used ssh -X on both sides to connect, and switched to -Y after reading that -X didn't work when X11 forwarding twice. If what you're saying is correct, then I need both -X and -Y, e.g.
    Code:
    ssh -X -Y <IP address>
    I'll try that when I have access to the computer, but from what I understand -Y also enables X11 forwarding.

  4. #4
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,864
    Quote Originally Posted by Dodosaur View Post
    I'll try that when I have access to the computer, but from what I understand -Y also enables X11 forwarding.
    I can't say whether it will or not - I only ever use the -X option - actually I have the option permanently set through my ~/.ssh/config file. I'm pretty sure I've hopped from one server to another using this option. Giving it a go is probably best for you. Good luck with it.
    Linux user #126863 - see http://linuxcounter.net/

  5. #5
    Just Joined!
    Join Date
    Sep 2012
    Posts
    10
    Quote Originally Posted by Roxoff View Post
    I can't say whether it will or not - I only ever use the -X option - actually I have the option permanently set through my ~/.ssh/config file. I'm pretty sure I've hopped from one server to another using this option. Giving it a go is probably best for you. Good luck with it.
    So I checked it up and it's only a difference between trusted and untrusted - "-Y" also sets X11Forwarding (I can't post links right now to the source since I don't have enough posts).

    Another big issue is that I can't find the SSH configuration file on the Unix - an option there might be wrong but I don't know how to find it. Do you know how to trace it from the sshd process?

  6. #6
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,864
    I don't know how to trace the file from the running process - there might be something in /proc that tells you. If it's on Fedora it'll use the new systemctl stuff to launch it. On RedHat it'll be the SystemV init scripts.

    The configuration files should be in the same place for both, though. They should be in /etc/ssh, one for the client settings ssh_config and one for the server settings, sshd_config.
    Linux user #126863 - see http://linuxcounter.net/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •