Date: 02 Jul 2000 13:05:09 -0700 From: Harry Putnam <reader@newsguy.com> To: freebsd-mobile@FreeBSD.ORG Subject: Re: X-display from laptop to desk Message-ID: <m2n1k08fii.fsf@reader.ptw.com> In-Reply-To: Ollivier Robert's message of "Sun, 2 Jul 2000 19:19:02 %2B0200" References: <Pine.BSF.4.21.0007011813061.500-100000@heaven.gigo.com> <m2bt0gy1qp.fsf@reader.ptw.com> <20000702191902.A34291@keltia.freenix.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Ollivier Robert <roberto@keltia.freenix.fr> writes: > According to Harry Putnam: > > Ahhh... ok so su root *before* ssh'ing that make sense. > > But you don't want to ssh as root. > > Instead of ssh-ing as root, use some utility such as calife (found in > ports/security/calife) or sudo to become root. That way, the authentication is > not a problem anymore. A private poster has had this to say on the subject (hope he doesn't mind my posting it) When you connect ssh creates a cookie file that contains a random secret that X applications use to authenticate themselves to the X server (to prevent other users on the same system hijacking your X session). An environment variable called XAUTHORITY is created with the path to this file. An environment called DISPLAY is also created which tells X clients which host and ports the X server is running on. e.g. on my system when I ssh to another host my environment will have something like the following: DISPLAY=server.domain.ac.uk:11.0 XAUTHORITY=/tmp/ssh-jsQ74750/cookies Sounds as if (posters suggestion) another good way to do this is to set those VARS in the root shell created. I'm using plain su like: $ su <PASSWORD> <RET> Using bash shell on both user and root accounts but I do *NOT* see the XAUTHORITY var. $ echo $XAUTHORITY ..... nothing from the sshed shell on remote. In fact I've done a little experimenting and find that the ENV settings hardly change. Here is what I did: ssh satellite to get shell as user reader on remote <satellite> $ env >reader.env $ su <PASSWORD> # env >root.env Now run diff on the two files: diff root.env reader.env 10,11c10,11 < PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:\ /usr/local/bin:/usr/X11R6/bin:/root/bin < HOME=/root --- > PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:\ /usr/X11R6/bin > HOME=/home/reader 13c13 < PS1=`id -un`@`hostname|sed s/[.].*n//` `pwd`\nbsd # --- > PS1=`id -un`@`hostname|sed s/[.].*n//` `pwd`\nbsd > 22c22 < SHLVL=2 --- > SHLVL=1 Nothing concerning authorization of any kind. Yet after suing I call vim I get the error messges mentioned Another factor in this is that the initial xterm on the local machine is an xterm created by `ssh-agent' and `ssh-add' to add the authorization. From that shell I'm ssh'ing to remote running 4.0 snap 06/24. So still don't quite see what is happening here. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m2n1k08fii.fsf>