Solved

Setting DISPLAY variable to use XHOST on a local X-server via SSH

Posted on 2004-09-07
9
763 Views
Last Modified: 2010-04-20
I have a problem - I have Redhat 9.1, and run an X-server on it.  This X-server is at localhost:0.0.  When certain SSH clients connect, they force the value of DISPLAY so they can use X-forwarding.  I want to be able to use X-forwarding at times, so I don't want to disable this.

However, I need to issue xhost + command to enable unauthenticated access to the LOCAL x-server.  To do this, I have to set the DISPLAY environment variable to localhost:0.0 then run xhost +.

The problem is, the ssh client doesn't like me doing that.  (That's what I believe the problem is).

Using fedora's terminal and running ssh (correct result):

 [root@XYZ]# DISPLAY=localhost:0.0
 [root@XYZ]# xhost +
 access control disabled, clients can connect from any host
 [root@XYZ]#

With widows SSH or pengiunet PenguiNet 2.13 http://www.siliconcircus.com/:
[root@XYZ]# DISPLAY=localhost:0.0
[root@XYZ]# xhost +
xhost:  unable to open display ""
[root@XYZ]#

To summarise:
I want to disable access control on an x-server at localhost:0.0, via SSH, without disabling X-forwarding.
0
Comment
Question by:vincevincevince
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 23

Accepted Solution

by:
Mysidia earned 250 total points
ID: 11994555
Try

env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0
 
LVL 38

Expert Comment

by:yuzh
ID: 11994580
If your ssh was setup correctly with X-forwarding enable, when you ssh login to a remote
host the DISPLAY should automatically set.

otherwise, from boxA ssh to boxB,  when you ssh login to box B, you need to do:

DISPLAY=boxA-IP:0.0
export DISPLAY
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 11994827
Mysidia, I will try that as soon as I can get hold of a windows machine, thanks.
Yuzh, you may be misunderstanding me - it's not that I have problems with X forwarding, that works fine, it's that I can't run an xhost command for the server's X-server, because the ssh client (I guess taht's the problem) won't let me change the DISPLAY environment variable.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 2

Expert Comment

by:Sunjith
ID: 11995240
Hi vince,
 Try export instead of simply setting the variable as follows:
========
[root@XYZ]# export DISPLAY=localhost:0.0
[root@XYZ]# xhost +
========
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11996263
If X forwarding is working why do you need to disable authention? Is it because you log in to the remote as one user and can't use X applications if you su to some other user (like root)? The solution there is to enable sudo access for your account and do 'sudo some-X-app', or ssh in as the user you need to be (ssh root@remote).

From a remote connection you can't connect to localhost:0.0 because that display is not owned by the logged in user. You can execute an 'xhost +localhost' without ftuzing with DISPLAY, but that won't help with the authentication problem if you switch users within that session because of the way X forwarding works.
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12003646
"If X forwarding is working why do you need to disable authention?"
I think you misunderstand slightly.  I use X-forwarding for using X applications remotely.  I also use certain X applications 100% serverside via scripts which require an X server for some rendering.

This means I have to have a local X server running (localhost:0.0) AND X forwarding of a different server.  i.e two X servers.

The problem comes when I need to give scripts access to the local X-server.  These scripts are mostly php.  For these to run, I need to disable authentication ... on the local X-server only.

Many thanks for your help thus far, today I test all comments submitted on the server.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12003776
So you are remotely accessing the box via ssh? Unless there's someone logged in on the console and running x localhost:0.0 won't exist.

Unless you are trying to invoke an X application from PHP your script won't need a running X server to execute. What are you doing within the PHP script that needs X?
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12004195
To create a running X server even when nobody is logged into the console I start the X server and background it.

I need an X server to use kwebdesktop.
0
 
LVL 1

Author Comment

by:vincevincevince
ID: 12004285
#1 from Mysidia was spot on.   I placed that command within the following short script, and all now works well:

startx &
env -i -- DISPLAY=localhost:0.0 XAUTHORITY=~/.Xauthority /usr/X11R6/bin/xhost +
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question