How to run a X-program with sudo using putty and xming?

Posted on 2009-05-14
Last Modified: 2013-12-21
Hi all,

I do want to run a X-program, lets say xclock, on a linux server. The program should be displayed on a windows pc running xming as X-server.

Or in detail:
1. I logon using putty with X-forwaring as user THEUSER to the server from my pc
2. I start xming as X-server on my pc
3. I run sudo -u THEOTHERUSER /usr/bin/X11/xclock
4. xclock is displayed on my pc ...

The problem is, that there is an error message regarding to the X-settings (DISPLAY)

Xlib: connection to "localhost:10.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
Error: Can't open display: localhost:10.0

I tried to copy the xauth stuff from one user to the other, but the DISPLAY and the cookie change every logon... if the user THEOTHERUSER is offline, there is no xauth information to be copied....

Can give any suggestions?

Thank you very much

Best regards
Question by:gnurl
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2

Assisted Solution

amrox earned 100 total points
ID: 24386235
Looks like you've got X11 server access control
try 'xhost +'
then try again

If that doesn't work, check that your $DISPLAY var is correct - before sudo'ing do an 'echo $DISPLAY', and set the value for your new session to this value using 'export DISPLAY=<value>'
LVL 62

Expert Comment

ID: 24393376
For X11 to be forwarded correctly you need:
Xming running in listen mode on workstation
SSH X11 forwarding enabled in SSH server's /etc/ssh/sshd_config, and sshd reloaded afterwards - kill -HUP `cat /var/run/'
X11 forwarding enabled in putty (default setting)

xdpyinfo should show whats wrong or right with display environment.

If X11 forwarding is disabled on SSH server then it attempts X11 connections to display outside secure channel - bad for firewalled environment.
If no X11 forwarding on client you get error DISPLAY not set.

LVL 62

Assisted Solution

gheist earned 50 total points
ID: 24393382
You mentioned sudo - X11 will not forward for sudo-ed user.
It might be done with sux from SuSE or kdesu from kde, but never with su or sudo.
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.


Author Comment

ID: 24394493
Hi amrox,

I added the linux server (running xclock) to the windows pc (running xming and sadly NOT displaying xclock). This does not help.

The problem with the display variable is, how do I set this in sudo and start the program I want to run?

For me the problem is following:

1. start Xming (Xming.exe :0 -clipboard -multiwindow) on local pc (to display xclock)
2. start putty on local pc (with X11 forwarding) usind login USER
3. xauth list on remote server shows
    <remoteserver>/unix:10  MIT-MAGIC-COOKIE-1 <cookiestring>
    echo $DISPLAY on remote server shows
4. xclock on remote server starts xclock, and xclock is displayed on local pc using xming
5. starting  sudo -u <THEOTHERUSER> /usr/bin/X11/xclock on remote server shows
Xlib: connection to "localhost:10.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
Error: Can't open display: localhost:10.0

6. xauth nextract /home/<THEOTHERUSER>/xauth1 as user USER
    extracts the cookiestring to be merged to THEOTHERUSERs .Xauthority file
7. xauth nmerge xauth1 as user THEOTHERUSER merges the cookie to .Xauthority
    so xauth list as user USER and user THEOTHERUSER shows the same cookie
    <remoteserver>/unix:10  MIT-MAGIC-COOKIE-1 <cookiestring>
8. adding set DISPLAY=localhost:10.0 to .cshrc for user THEOTHERUSER leads to a DISPLAY
    localhost:10.0 everytime the USER logs on.
9. in conclusion:
    the xauth information for USER and THEOTHERUSER is the same
    the DISPLAY for USER and THEOTHERUSER ist the same
10. but:
      sudo -u <THEOTHERUSER> /usr/bin/X11/xclock
      throws the same error:
     Xlib: connection to "localhost:10.0" refused by server
     Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
     Error: Can't open display: localhost:10.0

Does anybody hava any suggestions?

Thank you,
Best Regards
LVL 62

Expert Comment

ID: 24394529
sudo does not work with X11 even on local consoles for most systems.

Accepted Solution

gnurl earned 0 total points
ID: 24410509
Hi all,

@gheist I am sorry, but I could not find sux or kdesu as one of my SLES9 packages in yast.

@amrox I could make it (partly) work with syncing the xauth and DISPLAY values for both users (as described mby me) adding the server to XMING (with the additional tool xauth.exe) showed me the X-session. But sudo is so secure, that shell variables I need are wiped from the environment. So the program starts but does not work. ... I gave it up.

Thanks for you help
LVL 62

Expert Comment

ID: 24411827
You can find sux in suse 10.
You can find kdesu in kdebase.

Hint: search for respective files in package repository

Expert Comment

ID: 24416468
My vote: close it in the way that the original poster wanted it closed before the objection.  Not sure if that is 1, 2 , 3, or 4  But as the objection is not valid then I vote for the 4 day closure to continue.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
auto mounter on hp-ux 2 66
how to include conditional log rotate in liunx. 17 103
NFS v4 7 76
Linux 6 38
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question