• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1061
  • Last Modified:

Setting DISPLAY variable to use XHOST on a local X-server via SSH

I have a problem - I have Redhat 9.1, and run an X-server on it.  This X-server is at localhost:0.0.  When certain SSH clients connect, they force the value of DISPLAY so they can use X-forwarding.  I want to be able to use X-forwarding at times, so I don't want to disable this.

However, I need to issue xhost + command to enable unauthenticated access to the LOCAL x-server.  To do this, I have to set the DISPLAY environment variable to localhost:0.0 then run xhost +.

The problem is, the ssh client doesn't like me doing that.  (That's what I believe the problem is).

Using fedora's terminal and running ssh (correct result):

 [root@XYZ]# DISPLAY=localhost:0.0
 [root@XYZ]# xhost +
 access control disabled, clients can connect from any host
 [root@XYZ]#

With widows SSH or pengiunet PenguiNet 2.13 http://www.siliconcircus.com/:
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
xhost:  unable to open display ""
[root@XYZ]#

To summarise:
I want to disable access control on an x-server at localhost:0.0, via SSH, without disabling X-forwarding.
0
vincevincevince
Asked:
vincevincevince
1 Solution
 
MysidiaCommented:
Try

env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0
 
yuzhCommented:
If your ssh was setup correctly with X-forwarding enable, when you ssh login to a remote
host the DISPLAY should automatically set.

otherwise, from boxA ssh to boxB,  when you ssh login to box B, you need to do:

DISPLAY=boxA-IP:0.0
export DISPLAY
0
 
vincevincevinceAuthor Commented:
Mysidia, I will try that as soon as I can get hold of a windows machine, thanks.
Yuzh, you may be misunderstanding me - it's not that I have problems with X forwarding, that works fine, it's that I can't run an xhost command for the server's X-server, because the ssh client (I guess taht's the problem) won't let me change the DISPLAY environment variable.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
SunjithCommented:
Hi vince,
 Try export instead of simply setting the variable as follows:
========
[root@XYZ]# export DISPLAY=localhost:0.0
[root@XYZ]# xhost +
========
0
 
jlevieCommented:
If X forwarding is working why do you need to disable authention? Is it because you log in to the remote as one user and can't use X applications if you su to some other user (like root)? The solution there is to enable sudo access for your account and do 'sudo some-X-app', or ssh in as the user you need to be (ssh root@remote).

From a remote connection you can't connect to localhost:0.0 because that display is not owned by the logged in user. You can execute an 'xhost +localhost' without ftuzing with DISPLAY, but that won't help with the authentication problem if you switch users within that session because of the way X forwarding works.
0
 
vincevincevinceAuthor Commented:
"If X forwarding is working why do you need to disable authention?"
I think you misunderstand slightly.  I use X-forwarding for using X applications remotely.  I also use certain X applications 100% serverside via scripts which require an X server for some rendering.

This means I have to have a local X server running (localhost:0.0) AND X forwarding of a different server.  i.e two X servers.

The problem comes when I need to give scripts access to the local X-server.  These scripts are mostly php.  For these to run, I need to disable authentication ... on the local X-server only.

Many thanks for your help thus far, today I test all comments submitted on the server.
0
 
jlevieCommented:
So you are remotely accessing the box via ssh? Unless there's someone logged in on the console and running x localhost:0.0 won't exist.

Unless you are trying to invoke an X application from PHP your script won't need a running X server to execute. What are you doing within the PHP script that needs X?
0
 
vincevincevinceAuthor Commented:
To create a running X server even when nobody is logged into the console I start the X server and background it.

I need an X server to use kwebdesktop.
0
 
vincevincevinceAuthor Commented:
#1 from Mysidia was spot on.   I placed that command within the following short script, and all now works well:

startx &
env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now