Date: Thu, 19 Dec 2002 22:44:54 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: questions@FreeBSD.ORG Subject: Re: Running X-clients on remote hosts. Message-ID: <20021219224454.GA85773@happy-idiot-talk.infracaninophi> In-Reply-To: <20021219184204.I958-100000@aqua.lan.palfreman.com> References: <20021219184204.I958-100000@aqua.lan.palfreman.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 19, 2002 at 07:07:49PM +0000, William Palfreman wrote:
> How can I allow Xfree86 to listen for network connections again? I
> certainly used to have no problem doing this, and I don't see anything
> about this specific and probably very simple problem in the handbook or
> googling.
>
> I'm running an X server on my workstation (Xfree86 4.1) on my
> workstation (FreeBSD 4.6.2-p3) and I wan to have X-clients connect from
> other machine, for example xload.
>
> So, on logged into the remote host (using bash) I enter
> "export DISPLAY=wks:0" and on my workstation I enter "xhost +". Then on
> the remote host I enter "xload &" and all I get is "Error: Can't
> open display: wks:0"
>
> Then, if I go to a virtual terminal on my workstation (i.e. press
> ctrl-alt-F3) and enter "export DISPLAY=wks:0" then "xhost +" I get
> 'xhost: unable to open display "wks:0"'. If I replace the
> (DNS-valid) hostname with localhost exactly the same thing happens.
>
> I've tested this from a friend's Windows 98 box which has Hummingbird
> Exceed installed on it, and there is no problem running X-clients on
> it, by sshing in and doing "export DISPLAY=ant:0". So I know the
> problem is with my workstation's X server.
>
> So what should I do to make X network aware? It currently only seems to
> work as "export DISPLAY=:0"
Seems you're running the X server with the '-nolisten tcp' flag. If
you examine the output of 'netstat -na' do you see anything listening
at port 6000 ? Lack of anything listening there confirms the
diagnosis.
How to make X listen on the network depends on how you start the X
server. If you use startx(1), then you just need to invoke it as:
startx -listen_tcp
Otherwise, if you use xdm(1) then you need to edit
/usr/X11R6/lib/X11/xdm/Xservers and remove the '-nolisten tcp' flags:
--- Xservers.orig Thu Dec 19 22:25:16 2002
+++ Xservers Thu Dec 19 22:25:30 2002
@@ -10,4 +10,4 @@
# look like:
# XTerminalName:0 foreign
#
-:0 local /usr/X11R6/bin/X -nolisten tcp
+:0 local /usr/X11R6/bin/X
and then hit Ctrl-Alt-Bksp to make xdm(1) restart.
However, be warned. Sending X traffic across the network unencrypted
is at least as bad securitywise as using plain text protocols like
rsh(1) or telnet(1): maybe worse --- it's very easy to forget yourself
and type a root password into an xterm(1) session on a remote host.
The secure alternative is to use ssh's ability to tunnel X protocol
over an encrypted channel. Simply add:
Host remote.server.name
ForwardX11 yes
to either $HOME/.ssh/config (your account only) or /etc/ssh/ssh_config
(system wide default), and make sure the remote system hasn't had X11
forwarding turned off in /etc/ssh/sshd_config (default is to allow it).
Now, when you log in you should find that you get a $DISPLAY variable
automatically set to something like:
localhost:10.0
where the sshd is listening on port 6010 pretending to be a local X
server, but in reality forwarding everything over an encrypted tunnel
to your desktop. (Make sure that your .login / .cshrc or .profile or
.bashrc or whatever initialization files your shell uses don't set
$DISPLAY for themselves or this won't work.) Fire up xterm or some
other X program, and it should display fine, even without enabling
your local workstation to listen for X connections on the network.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021219224454.GA85773>