vincevincevince
asked on
Setting DISPLAY variable to use XHOST on a local X-server via SSH
I have a problem - I have Redhat 9.1, and run an X-server on it. This X-server is at localhost:0.0. When certain SSH clients connect, they force the value of DISPLAY so they can use X-forwarding. I want to be able to use X-forwarding at times, so I don't want to disable this.
However, I need to issue xhost + command to enable unauthenticated access to the LOCAL x-server. To do this, I have to set the DISPLAY environment variable to localhost:0.0 then run xhost +.
The problem is, the ssh client doesn't like me doing that. (That's what I believe the problem is).
Using fedora's terminal and running ssh (correct result):
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
access control disabled, clients can connect from any host
[root@XYZ]#
With widows SSH or pengiunet PenguiNet 2.13 http://www.siliconcircus.com/:
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
xhost: unable to open display ""
[root@XYZ]#
To summarise:
I want to disable access control on an x-server at localhost:0.0, via SSH, without disabling X-forwarding.
However, I need to issue xhost + command to enable unauthenticated access to the LOCAL x-server. To do this, I have to set the DISPLAY environment variable to localhost:0.0 then run xhost +.
The problem is, the ssh client doesn't like me doing that. (That's what I believe the problem is).
Using fedora's terminal and running ssh (correct result):
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
access control disabled, clients can connect from any host
[root@XYZ]#
With widows SSH or pengiunet PenguiNet 2.13 http://www.siliconcircus.com/:
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
xhost: unable to open display ""
[root@XYZ]#
To summarise:
I want to disable access control on an x-server at localhost:0.0, via SSH, without disabling X-forwarding.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Mysidia, I will try that as soon as I can get hold of a windows machine, thanks.
Yuzh, you may be misunderstanding me - it's not that I have problems with X forwarding, that works fine, it's that I can't run an xhost command for the server's X-server, because the ssh client (I guess taht's the problem) won't let me change the DISPLAY environment variable.
Yuzh, you may be misunderstanding me - it's not that I have problems with X forwarding, that works fine, it's that I can't run an xhost command for the server's X-server, because the ssh client (I guess taht's the problem) won't let me change the DISPLAY environment variable.
Hi vince,
Try export instead of simply setting the variable as follows:
========
[root@XYZ]# export DISPLAY=localhost:0.0
[root@XYZ]# xhost +
========
Try export instead of simply setting the variable as follows:
========
[root@XYZ]# export DISPLAY=localhost:0.0
[root@XYZ]# xhost +
========
If X forwarding is working why do you need to disable authention? Is it because you log in to the remote as one user and can't use X applications if you su to some other user (like root)? The solution there is to enable sudo access for your account and do 'sudo some-X-app', or ssh in as the user you need to be (ssh root@remote).
From a remote connection you can't connect to localhost:0.0 because that display is not owned by the logged in user. You can execute an 'xhost +localhost' without ftuzing with DISPLAY, but that won't help with the authentication problem if you switch users within that session because of the way X forwarding works.
From a remote connection you can't connect to localhost:0.0 because that display is not owned by the logged in user. You can execute an 'xhost +localhost' without ftuzing with DISPLAY, but that won't help with the authentication problem if you switch users within that session because of the way X forwarding works.
ASKER
"If X forwarding is working why do you need to disable authention?"
I think you misunderstand slightly. I use X-forwarding for using X applications remotely. I also use certain X applications 100% serverside via scripts which require an X server for some rendering.
This means I have to have a local X server running (localhost:0.0) AND X forwarding of a different server. i.e two X servers.
The problem comes when I need to give scripts access to the local X-server. These scripts are mostly php. For these to run, I need to disable authentication ... on the local X-server only.
Many thanks for your help thus far, today I test all comments submitted on the server.
I think you misunderstand slightly. I use X-forwarding for using X applications remotely. I also use certain X applications 100% serverside via scripts which require an X server for some rendering.
This means I have to have a local X server running (localhost:0.0) AND X forwarding of a different server. i.e two X servers.
The problem comes when I need to give scripts access to the local X-server. These scripts are mostly php. For these to run, I need to disable authentication ... on the local X-server only.
Many thanks for your help thus far, today I test all comments submitted on the server.
So you are remotely accessing the box via ssh? Unless there's someone logged in on the console and running x localhost:0.0 won't exist.
Unless you are trying to invoke an X application from PHP your script won't need a running X server to execute. What are you doing within the PHP script that needs X?
Unless you are trying to invoke an X application from PHP your script won't need a running X server to execute. What are you doing within the PHP script that needs X?
ASKER
To create a running X server even when nobody is logged into the console I start the X server and background it.
I need an X server to use kwebdesktop.
I need an X server to use kwebdesktop.
ASKER
#1 from Mysidia was spot on. I placed that command within the following short script, and all now works well:
startx &
env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
startx &
env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
host the DISPLAY should automatically set.
otherwise, from boxA ssh to boxB, when you ssh login to box B, you need to do:
DISPLAY=boxA-IP:0.0
export DISPLAY