Solved

Setting DISPLAY variable to use XHOST on a local X-server via SSH

Posted on 2004-09-07
9
724 Views
Last Modified: 2010-04-20
I have a problem - I have Redhat 9.1, and run an X-server on it.  This X-server is at localhost:0.0.  When certain SSH clients connect, they force the value of DISPLAY so they can use X-forwarding.  I want to be able to use X-forwarding at times, so I don't want to disable this.

However, I need to issue xhost + command to enable unauthenticated access to the LOCAL x-server.  To do this, I have to set the DISPLAY environment variable to localhost:0.0 then run xhost +.

The problem is, the ssh client doesn't like me doing that.  (That's what I believe the problem is).

Using fedora's terminal and running ssh (correct result):

 [root@XYZ]# DISPLAY=localhost:0.0
 [root@XYZ]# xhost +
 access control disabled, clients can connect from any host
 [root@XYZ]#

With widows SSH or pengiunet PenguiNet 2.13 http://www.siliconcircus.com/:
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
xhost:  unable to open display ""
[root@XYZ]#

To summarise:
I want to disable access control on an x-server at localhost:0.0, via SSH, without disabling X-forwarding.
0
Comment
Question by:vincevincevince
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 23

Accepted Solution

by:
Mysidia earned 250 total points
ID: 11994555
Try

env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0
 
LVL 38

Expert Comment

by:yuzh
ID: 11994580
If your ssh was setup correctly with X-forwarding enable, when you ssh login to a remote
host the DISPLAY should automatically set.

otherwise, from boxA ssh to boxB,  when you ssh login to box B, you need to do:

DISPLAY=boxA-IP:0.0
export DISPLAY
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 11994827
Mysidia, I will try that as soon as I can get hold of a windows machine, thanks.
Yuzh, you may be misunderstanding me - it's not that I have problems with X forwarding, that works fine, it's that I can't run an xhost command for the server's X-server, because the ssh client (I guess taht's the problem) won't let me change the DISPLAY environment variable.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 2

Expert Comment

by:Sunjith
ID: 11995240
Hi vince,
 Try export instead of simply setting the variable as follows:
========
[root@XYZ]# export DISPLAY=localhost:0.0
[root@XYZ]# xhost +
========
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11996263
If X forwarding is working why do you need to disable authention? Is it because you log in to the remote as one user and can't use X applications if you su to some other user (like root)? The solution there is to enable sudo access for your account and do 'sudo some-X-app', or ssh in as the user you need to be (ssh root@remote).

From a remote connection you can't connect to localhost:0.0 because that display is not owned by the logged in user. You can execute an 'xhost +localhost' without ftuzing with DISPLAY, but that won't help with the authentication problem if you switch users within that session because of the way X forwarding works.
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12003646
"If X forwarding is working why do you need to disable authention?"
I think you misunderstand slightly.  I use X-forwarding for using X applications remotely.  I also use certain X applications 100% serverside via scripts which require an X server for some rendering.

This means I have to have a local X server running (localhost:0.0) AND X forwarding of a different server.  i.e two X servers.

The problem comes when I need to give scripts access to the local X-server.  These scripts are mostly php.  For these to run, I need to disable authentication ... on the local X-server only.

Many thanks for your help thus far, today I test all comments submitted on the server.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12003776
So you are remotely accessing the box via ssh? Unless there's someone logged in on the console and running x localhost:0.0 won't exist.

Unless you are trying to invoke an X application from PHP your script won't need a running X server to execute. What are you doing within the PHP script that needs X?
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12004195
To create a running X server even when nobody is logged into the console I start the X server and background it.

I need an X server to use kwebdesktop.
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12004285
#1 from Mysidia was spot on.   I placed that command within the following short script, and all now works well:

startx &
env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux Mailserver setup & redundancy 2 123
AWS EC2 HTTP & HTTPS 2 119
IP 10.0.1.2 / 255.0.0.0 61 108
ifconfig related commands 6 21
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question