From owner-freebsd-questions Fri Jul 16 6: 2:50 1999 Delivered-To: freebsd-questions@freebsd.org Received: from volodya.prime.net.ua (volodya.prime.net.ua [195.64.229.17]) by hub.freebsd.org (Postfix) with ESMTP id 2FAC014E5E for ; Fri, 16 Jul 1999 06:02:42 -0700 (PDT) (envelope-from andyo@prime.net.ua) Received: from prime.net.ua (localhost [127.0.0.1]) by volodya.prime.net.ua (8.9.3/8.8.8) with ESMTP id QAA01543; Fri, 16 Jul 1999 16:00:09 +0300 (EEST) (envelope-from andyo@prime.net.ua) Message-ID: <378F2CD7.46A27DEE@prime.net.ua> Date: Fri, 16 Jul 1999 16:00:08 +0300 From: "Andy V. Oleynik" Organization: M-Info X-Mailer: Mozilla 4.61 [en] (X11; I; FreeBSD 3.2-STABLE i386) X-Accept-Language: en, ru, uk MIME-Version: 1.0 To: cjclark@home.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: SSH X Forwarding References: <199907151536.LAA21293@cc942873-a.ewndsr1.nj.home.com> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I beleave there 3 schemes exist: 1. U sitting at non X host and ssh'ed at remote *running* X. U can remotly run xapp on Xhost (*if allowed*). Window will appear at remote's display. (I did it just now from one of my machines). 2. U sitting at host running X and ssh'ed to remote *running* X from xterm for example. U run remotly xapp and window appear locally. I did it month ago from my home PC. I've had only troubles trying to run xapp on ssh'ed machine when PC where I ssh'ing from was not allowed to connect to X server or when there wasnt running X server on remote or when I didnt give an "-display :0" option to my xapps. Look: now I have at remote X server: volodya# xhost access control enabled, only authorized clients can connect INET:localhost INET:ns1.prime.net.ua volodya# then I ssh'ing at remote (non X host): volodya# ssh ns1 Warning: Remote host denied X11 forwarding, perhaps xauth program could not be run on the server side. [snip] You may also use `/stand/sysinstall' to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. You have new mail. ns1# here I cannot to run xapps of course ;) then I shh'ing back to volodya: ns1# ssh volodya [snip] You have new mail. volodya# Now look: volodya# xterm Warning: This program is an suid-root program or is being run by the root user. The full text of the error or warning message cannot be safely formatted in this environment. You may get a more descriptive message by running the program as a non-root user or by removing the suid bit on the executable. xterm Xt error: Can't open display: %s volodya# There are no defined DISPLAY variable: volodya# set|more addsuffix argv () cwd /usr/home/root dirstack /usr/home/root echo_style bsd edit filec gid 0 group wheel history 100 home /usr/home/root loginsh mail /var/mail/root owd path (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin /usr/ home/root/bin) prompt volodya# prompt2 %R? prompt3 CORRECT>%R (y|n|e|a)? savehist 100 shell /usr/local/bin/tcsh shlvl 1 status 0 tcsh 6.08.00 term xterm-color tty ttyp3 uid 0 user root version tcsh 6.08.00 (Astron) 1998-10-02 (i386-intel-FreeBSD) options 8b,nls,dl,al,sm,rh,color volodya# Now look: volodya# xterm -display :0 gives correct result - xterm window appears at remote display. In case if I'd ssh'ing in the remote X from another X console I have had window locally. Now I define DISPLAY variable: volodya# set DISPLAY=:0 volodya# setenv DISPLAY :0 volodya# xterm gives correct result - xterm window appears at remote display. Ok. I remove ns1 from allowed list: volodya# xhost -ns1 ns1 being removed from access control list volodya# xhost access control enabled, only authorized clients can connect INET:localhost volodya# Shh'ing from remote nonX console or ssh'ing back to volodya from xterm'ed ssh session on ns1 I still able to run xapp. Again when I log from non X console I have window appeared on remote's X console. But when DISPLAY variable defined or -display command option given and access to X allowed. That's all. 3. Scheme XDMCP. But I beleave it's not relevant to 1st 2 scheme. "Crist J. Clark" wrote: > osAndy V. Oleynik wrote, > [Charset koi8-r unsupported, filtering to ASCII...] > > Hmm..U ssh'ed from local X host to remote X host? > > Yes? > > In the sense that I am ssh'ing between two machines with X installed > and X is running on the machine at which I am sitting, yes. > > However, I am fairly sure xhost has nothing to do with this. For > example, I am sitting at a machine at work right now ssh'ed into my > home PC. My home PC is where the emacs window in which I am writing to > you is running, but it is (obviously) showing up here on my X machine > at work. My local machine has only itself in its xhost list (despite > the fact I am ssh'ed into 2 machines with working X connections). The > remote machine contains my local machine in its xhosts list. If I try > to remove it, the removal is successful, but it immediately pops back > up. > > All of that tells me that ssh is doing all of this for me. > > Of course, on the machine giving me problems, I cannot verify that it > is including me in xhosts since the xhost command fails. > -- > Crist J. Clark cjclark@home.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- WBW Andy V. Oleynik (When U work in virtual office prime.net.ua's U have good chance to obtain system administrator virtual money ö%-) +380442448363 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message