How to run a X-program with sudo using putty and xming?

Posted on 2009-05-14
Last Modified: 2013-12-21
Hi all,

I do want to run a X-program, lets say xclock, on a linux server. The program should be displayed on a windows pc running xming as X-server.

Or in detail:
1. I logon using putty with X-forwaring as user THEUSER to the server from my pc
2. I start xming as X-server on my pc
3. I run sudo -u THEOTHERUSER /usr/bin/X11/xclock
4. xclock is displayed on my pc ...

The problem is, that there is an error message regarding to the X-settings (DISPLAY)

Xlib: connection to "localhost:10.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
Error: Can't open display: localhost:10.0

I tried to copy the xauth stuff from one user to the other, but the DISPLAY and the cookie change every logon... if the user THEOTHERUSER is offline, there is no xauth information to be copied....

Can give any suggestions?

Thank you very much

Best regards
Question by:gnurl
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2

Assisted Solution

amrox earned 100 total points
ID: 24386235
Looks like you've got X11 server access control
try 'xhost +'
then try again

If that doesn't work, check that your $DISPLAY var is correct - before sudo'ing do an 'echo $DISPLAY', and set the value for your new session to this value using 'export DISPLAY=<value>'
LVL 62

Expert Comment

ID: 24393376
For X11 to be forwarded correctly you need:
Xming running in listen mode on workstation
SSH X11 forwarding enabled in SSH server's /etc/ssh/sshd_config, and sshd reloaded afterwards - kill -HUP `cat /var/run/'
X11 forwarding enabled in putty (default setting)

xdpyinfo should show whats wrong or right with display environment.

If X11 forwarding is disabled on SSH server then it attempts X11 connections to display outside secure channel - bad for firewalled environment.
If no X11 forwarding on client you get error DISPLAY not set.

LVL 62

Assisted Solution

gheist earned 50 total points
ID: 24393382
You mentioned sudo - X11 will not forward for sudo-ed user.
It might be done with sux from SuSE or kdesu from kde, but never with su or sudo.
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.


Author Comment

ID: 24394493
Hi amrox,

I added the linux server (running xclock) to the windows pc (running xming and sadly NOT displaying xclock). This does not help.

The problem with the display variable is, how do I set this in sudo and start the program I want to run?

For me the problem is following:

1. start Xming (Xming.exe :0 -clipboard -multiwindow) on local pc (to display xclock)
2. start putty on local pc (with X11 forwarding) usind login USER
3. xauth list on remote server shows
    <remoteserver>/unix:10  MIT-MAGIC-COOKIE-1 <cookiestring>
    echo $DISPLAY on remote server shows
4. xclock on remote server starts xclock, and xclock is displayed on local pc using xming
5. starting  sudo -u <THEOTHERUSER> /usr/bin/X11/xclock on remote server shows
Xlib: connection to "localhost:10.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
Error: Can't open display: localhost:10.0

6. xauth nextract /home/<THEOTHERUSER>/xauth1 as user USER
    extracts the cookiestring to be merged to THEOTHERUSERs .Xauthority file
7. xauth nmerge xauth1 as user THEOTHERUSER merges the cookie to .Xauthority
    so xauth list as user USER and user THEOTHERUSER shows the same cookie
    <remoteserver>/unix:10  MIT-MAGIC-COOKIE-1 <cookiestring>
8. adding set DISPLAY=localhost:10.0 to .cshrc for user THEOTHERUSER leads to a DISPLAY
    localhost:10.0 everytime the USER logs on.
9. in conclusion:
    the xauth information for USER and THEOTHERUSER is the same
    the DISPLAY for USER and THEOTHERUSER ist the same
10. but:
      sudo -u <THEOTHERUSER> /usr/bin/X11/xclock
      throws the same error:
     Xlib: connection to "localhost:10.0" refused by server
     Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
     Error: Can't open display: localhost:10.0

Does anybody hava any suggestions?

Thank you,
Best Regards
LVL 62

Expert Comment

ID: 24394529
sudo does not work with X11 even on local consoles for most systems.

Accepted Solution

gnurl earned 0 total points
ID: 24410509
Hi all,

@gheist I am sorry, but I could not find sux or kdesu as one of my SLES9 packages in yast.

@amrox I could make it (partly) work with syncing the xauth and DISPLAY values for both users (as described mby me) adding the server to XMING (with the additional tool xauth.exe) showed me the X-session. But sudo is so secure, that shell variables I need are wiped from the environment. So the program starts but does not work. ... I gave it up.

Thanks for you help
LVL 62

Expert Comment

ID: 24411827
You can find sux in suse 10.
You can find kdesu in kdebase.

Hint: search for respective files in package repository

Expert Comment

ID: 24416468
My vote: close it in the way that the original poster wanted it closed before the objection.  Not sure if that is 1, 2 , 3, or 4  But as the objection is not valid then I vote for the 4 day closure to continue.

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
remove one line from a file in solaris 8 57
Linux MD5 Hash 7 61
postfix start error! 9 52
Nee dhelp identifying the OS and how to access 7 38
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question