Solved

Problem when moving .Xauthority

Posted on 2004-09-01
10
1,450 Views
Last Modified: 2013-12-21
I'm running a Linux cluster, and I'm having some X problems.  

Background: Dell X86 machines running Fedora Core 1; networked together on a private LAN. The worker nodes are all automounting their /home directory off of the master/storage node. Display, mouse, keyboard connected to the master/storage node.  When a user logs on, DISPLAY = :0.0

When I tried to ssh between the master and the workers, I'd get "Warning: No xauth data; using fake authentication data for X11 forwarding.", I assume because everybody was trying the use the same .Xauthority file.

So I created a directory for each user under /usr/local on each node (including the master/storage node).  I added a line to the end of my .bashrc:

export XAUTHORITY=/usr/local/myusername/.Xauthority

I copied .Xauthority from /home/mysername to /usr/local/myusername and checked that permissions on the file and directory were the same as the originals.

Now I'm no longer getting the "No xauth data" when ssh'ing between the nodes, but when I try to log in to the master/storage node at the console, the login fails, and the session log says:

Xlib: connection to :0.0 refused by server
Xlib: No protocol specified

I can get back in by commenting out the line in the .bashrc to revert to my original .Xauthority file.

Anyone got any idea what's going on?

John
0
Comment
Question by:jwolter
  • 5
  • 2
10 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 11955216
From the way you describe the cluster environment each user has an account & home dir on the head node and you are exporting /home to the member nodes. Since you don't say otherwise I assume that you aren't using NIS and created user accounts on each of the memember nodes. When you did that did you make sure that each memember node accout had the same UID/GID as that user has on the head node and that their home dir points to the NFS mount?
0
 
LVL 1

Author Comment

by:jwolter
ID: 11962432
jlevie,

Your assumptions are correct. /home is exported; each worker has user accounts, and yes, on each node the UID/GID are the same and their home directories point to the mount.

Since I posted this, I have found a workaround.  I'll keep the question open because I'm curious as to what is going on, but if no one comes up with something, I'll close the question.  The workaround is remove the reassignment of XAUTHORITY, so that xauth looks for $HOME/.Xauthority, and then create $HOME/.Xauthority as a symbolic link to /usr/local/myusername/.Xauthority . Not sure why this works, but it does.

John
0
 
LVL 20

Expert Comment

by:Gns
ID: 11962437
I'm not sure the "No XAUTH" thing is due to what you describe... Are you running an X server (that you have an auth entry for) when you do the ssh -X from master to slave? You have probably started X as a regular user and ssh -X as someone else... root perhaps... And root have never gotten an .Xauthority file ... Or your regular users X don't have xauth defined at all (as is the case with Cygwins default X startup for example). The "error" is just information that since there is no valid information about this for ssh to use, some fake info will be inserted for slave:10 (or whatever) _on slave_. Not really something to work up a sweat over. Nor to try fix.
I presume you are still able to make the "faked local tunneled connections" through ssh -X?

-- Glenn
0
 
LVL 20

Expert Comment

by:Gns
ID: 11962444
Oh, and the fix works since then you do have valid xauth info...:-).
Still not really something needing a fix:-)

-- Glenn
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 20

Expert Comment

by:Gns
ID: 11962596
Just a quick "demo" from a cygwin X session:

$ ssh -X glenn@vampire
glenn@vampire's password:
Warning: No xauth data; using fake authentication data for X11 forwarding.
Last login: Thu Sep  2 14:08:38 2004 from dt2116.xxx.xxx
[glenn@vampire glenn]$ echo $DISPLAY
vampire.xxx.xxx:10.0
[glenn@vampire glenn]$ xauth list | grep vampire.xxx.xxx:10
vampire.xxx.xxx:10  MIT-MAGIC-COOKIE-1  533f8b8e4835905844f047d831394854
[glenn@vampire glenn]$ xterm&
[1] 29653
[glenn@vampire glenn]$

... And of course the xterm start as it should.

-- Glenn
0
 
LVL 1

Author Comment

by:jwolter
ID: 11963410
Glenn,

Thanks for the comments.  

The "No xauth" message appears for "straight" ssh connections (i.e. no -X option).  The ssh session proceeds normally afterward, and I was inclined to ignore it, but I started noticing a delay during the process *sometimes*.  In a cluster, delays are the enemy of performance, so I wanted to see if I could elimnate the delay be eliminating the error.  

John
0
 
LVL 20

Accepted Solution

by:
Gns earned 250 total points
ID: 11963466
The -X is just if you like being explicit about it. I'd wager a lunch that you've got "ForwardX11 yes" set in /etc/ssh/ssh_config (and "X11Forwarding yes" in /etc/ssh/sshd_config on the remote(s)).
Eliminate the problem by setting either to "no".

-- Glenn
0
 
LVL 20

Expert Comment

by:Gns
ID: 11963561
... And if you have latency problems, these aren't that likely to have anything to do with an unused tunneling feature... More to do with the usual stuff  (perhformance/"load" on the machines involved, the rather ... less than stellar... latency of tcp/ip over ethernet:-)...

-- Glenn
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Storage devices are generally used to save the data or sometime transfer the data from one computer system to another system. However, sometimes user accidentally erased their important data from the Storage devices. Users have to know how data reco…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now