Solved

start gdm over portable ssh (xming and portable putty)

Posted on 2009-05-19
49
2,939 Views
Last Modified: 2013-12-21
can someone give me some example steps on this?
0
Comment
Question by:rtod2
  • 28
  • 21
49 Comments
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24427286
Xming has some serious bugs in xdmcp, I suggest you using Cygwin/X
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24427303
Anyway, start an xterm and run
/etc/gdm/Xsession default

Open in new window

0
 

Author Comment

by:rtod2
ID: 24427324
I don't want the XDM of XDMCP  I want only the dashboard.
0
 

Author Comment

by:rtod2
ID: 24427341
ai_ja_nai
I had some real issues with cygwin as well and could not locate you.
I would be pleased for your further assistance.  can you contact me at anonsce at gmail
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24427390
of course NOT. Your solution has to be available in future to others.

Did what I suggested you earlier work?
0
 

Author Comment

by:rtod2
ID: 24427422
no, it did not
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24429199
to connect to a machine, first you enable X forwarding on the remote machine

sudo nano /etc/ssh/sshd_config:
# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

Then, in Putty enable X forwarding (Connection->SSH->X11, check "Enable X11 forwarding") and the compression.

Finally, connect with Putty to remote host, launch Xming and you should be done
0
 

Author Comment

by:rtod2
ID: 24431521
Ah OK this might be good.  I'm new to linux though and a little unsure how to decipher it.  

in response to the following, please see my questions following the arrow -->

to connect to a machine, first you enable X forwarding on the remote machine

sudo nano /etc/ssh/sshd_config:  --> can I execute these from the cygwin command line on the windows machine?  If so, how do I first connect to the machine?
# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

Then, in Putty enable X forwarding (Connection->SSH->X11, check "Enable X11 forwarding") and the compression.

Finally, connect with Putty to remote host, launch Xming and you should be done"

Can I do this using cygwin
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24431600
No, of course you have to make sure those settings are already settled in the remote machine
0
 

Author Comment

by:rtod2
ID: 24431614
"of course", i would have no need to ask these questions here if I were familiar with linux
0
 

Author Comment

by:rtod2
ID: 24431654
From start to finish where I end up with a GUI login via ssh and cygwin, would you mind laying it out step-by-step.  Your process doesn't quite get me what I was after.

1.
2.
3.

0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24431665
(It wasn't meant to be uneducated, just to put a stress on it)
Actually, you can normally ssh to the remote box and change the settings via command line
0
 

Author Comment

by:rtod2
ID: 24431687
OK perfect,
so 1.2.3 from the beginning, using the windows box for the commands, can you provide the steps?
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24431790
Connect with putty to the remote host (I assume you know how to do that) and double click on the Xming logo in the desktop
0
 

Author Comment

by:rtod2
ID: 24432029
ai,
I REALLY appreciate your help but I am having some difficulty following your steps.  Here is what I have so far.

Task:  Connect to GUI Login and subsequent GNOME desktop via SSH (now using the suggested xming product and putty)
Steps:
 
ssh X root@vz1 (enter password when prompted)  
sudo nano /etc/ssh/sshd_config (to edit the sshd_config file)  
You will see the # X11 tunneling options within that file  
Enter the following at the top of the config file above the first #  
X11Forwarding yes (enter to move to the next line)
 X11DisplayOffset 10 (enter to move to the next line)
 X11UseLocalhost yes (enter to move to the next line)  
(ctrl-x to save; type y? and enter to confirm changes; enter again to confirm the correct file name)
putty.exe (single, fully portable executable from http://www.putty.org/ )  
xlaunch.exe
choose one window
presented with start no client, start a program, or open session via xdmcp
choose start a program --> is this correct so far?, what program do I choose?
then do choose Using PuTTY (plink.exe which I have), using SSH (ssh.exe), or with compression which is greyed out?



0
 

Author Comment

by:rtod2
ID: 24432159
In this thread, in post #24427286, you say that "Xming has too many bugs", and to use cygwin.
Then you say, in post #24431521, to "launch Xming and you should be done".

Just a little confused.  Thank you very very much for your assistance.  You appear to be the only one who has figured any of this out.
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24432241
>choose one window
>presented with start no client, start a program, or open session via xdmcp

you should choose the third, session via xdmcp (and that's another thing that has to be enabled on the remote box)

>In this thread, in post #24427286, you say that "Xming has too many bugs", and to use cygwin.
>Then you say, in post #24431521, to "launch Xming and you should be done".
>Just a little confused.
I don't like Xming because it has(had) some problems in XDMCP protocol. I find myself more comfortable with Cygwin/X.
Anyway, as you chose to stick with Xming I respect your will and go ahead.

After you started a ssh connection if you launch Xming you are done in your goal of connecting because you can launch remote box's apps or an entire desktop (via xdmcp)

>choose start a program --> is this correct so far?, what program do I choose?
It's up to you. If you connect to a remote box is because you want to do something, right? But maybe you don't want to fire up an entire desktop window, so Xming lets you start a single app on your Windows desktop to save resources
0
 

Author Comment

by:rtod2
ID: 24432495
You say that you "don't like Xming because it has(had) some problems in XDMCP protocol. I find myself more comfortable with Cygwin/X."

I am beginning to agree though am having some issues when trying to portabilize cygwin. When I use xdmcp with xming, i get a black window where I do not with cygwin.  I agree with you that xming has xdmcp issues.

Suppose I wanted to go with Cygwin, would you like me to open another question?

How would you suggest I proceed to connect to the desktop over ssh with cygwin?  Previously I have done the following, and the below was my result:

 
ssh -x root@server
gnome-session &

result: Gtk-WARNING **: cannot open display

That is to say,
1) xming - ssh + xdmcp returns a black window (despite recommended preparations to the sshd_config file)
2) cygwin - ssh + gnome-session or kdestart returns the Gtk warning
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24432987
may I have a look at your /etc/X11/gdm/gdm.conf?
0
 

Author Comment

by:rtod2
ID: 24433106
0
 

Author Comment

by:rtod2
ID: 24433123
Note that I can connect via xdmcp and cygwin but I wish to use ssh as above.

To recap:
1) xming - ssh + xdmcp returns a black window (despite recommended preparations to the sshd_config file)
2) cygwin - ssh + gnome-session or kdestart returns the Gtk warning
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24433505
Are you on Gnome?

Issue

setenv DISPLAY youripaddress:0.0

before launching the gnome-session command
0
 

Author Comment

by:rtod2
ID: 24434429
returns: -bash: setenv: command not found
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24436775
DISPLAY=yourip:0.0
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 

Author Comment

by:rtod2
ID: 24437035
I can only try this during the day at work.  Just noticing the error though, it would appear that it is the setenv command that appears to not be found.
0
 

Author Comment

by:rtod2
ID: 24441081
Thanks for the suggestion.  That got us a little closer.  

I typed only DISPLAY=IP_OF_WINDOWS_MACHINE:0.0
It returned a prompt where I typed gnome-session.

Unfortunately, I still get the same Gtk warning while using cygwin and the same black screen following initial login using xming.
0
 
LVL 16

Accepted Solution

by:
ai_ja_nai earned 500 total points
ID: 24446527
Let's do it from the beginning

-Start your Cygwin command shell.
- Give "xinit -- -clipboard" in the command line. You will see a bare X window show with a command prompt in it. You will also see something like "Cygwin/X - 0:0" on the left-top of the window. This tells you the display in which the X server is listening for incoming connections.
- Give "xhost +" in the command prompt. This is to let the server accept all the incoming connections. Remember: if you are concerned about the security, refer to the man page of xhost on how to give a list of hosts instead of wild card "+".
- Start an ssh connection to your Linux box.
- Once logged in, set the display variable with "export DISPLAY=x.x.x.x:0.0" where x.x.x.x is the IP address of your Windows box.
- Start your Gnome session by giving "gnome-session"

This should work
0
 

Author Comment

by:rtod2
ID: 24446717
When you say "- Give "xinit -- -clipboard" in the command line", you mean to type the command: xinit -clipboard ??
When you say "-Give "xhost +" in the command prompt, you mean to simply type the command: xhost + with no variable after the space +, correct?
When you say "start an ssh connection", you mean to type ssh -X root@server and then enter the password
When you say "set the display variable with..." you mean to type the command: export DISPLAY=windows_ip:0.0
Then type the command: gnome-session, correct?

Please confirm and I will try in the A/M.
0
 

Author Comment

by:rtod2
ID: 24450526
1) I typed: xinit -clipboard, got some flashing, and a return of the command prompt; so that appears to have done something.
2) I typed: xhost + as well as xhost, and xhost+ which all returned command not found.
3) Login via ssh -X root@server was successful.
4) I typed: export DISPLAY=windows_ip:0.0 and that appears to have worked
5) I typed: gnome-session and got the same Gtk-WARNING **: cannot open display

Perhaps it is step2 that I am missing?
0
 
LVL 16

Assisted Solution

by:ai_ja_nai
ai_ja_nai earned 500 total points
ID: 24452691
no, it's step one... try xinit without the --clipboard switch
0
 

Author Comment

by:rtod2
ID: 24452868
OK very interesting.  In step 2 I still got command not found but i continued with the rest of it and did get a gnome-session!

The session did return significant error text though in both the command window, and the window from which gnome-session GUI was successfully launched.  Here are those screenshots.

Very encouraging but it appears the X11 isn't tunneling 100% correctly via ssh.  The plan is to be able to turn off XDMCP and complete the connections 100% securely via SSH.

I think we are almost there and your suggestions would be very helpful.

0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24461770
error1.png reports no important errors, just some minor glitches more than tolerable for a Win->Lin connection (remember that Windows is not interoperable even with itself, figure out the difficult of making it possible to Linux).

error2.png reports some warnings that should not be fatal. Did you experience any sudden stop of the transmission, or any crash of the Gnome session?

Ssh is indeed cyphering the transmission. If you don't belive it, sniff the traffic with a packed inspector and see if you can read the traffic (tip: you won't)
0
 

Author Comment

by:rtod2
ID: 24462745
understood
The problem is that I have to sell this procedure for accessing the GUIs to my department.  All those errors are far from acceptable.
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24462785
You can hide those, if you want, by redirecting the output of the command by appending "&2>1 >mylogfile.log &" at the end of a command, so that it's all logged
And remember that warnings are common and are a blessing. If you want slick software that obscures warnings and error messages to appear just cooler and that when something goes wrong just crashes without reasons you should turn to MS products...
0
 

Author Comment

by:rtod2
ID: 24462852
fact remains that i know i cant sell this if errors are popping up
0
 

Author Comment

by:rtod2
ID: 24462870
So let's say I was comfortable with the errors, and wanted to accomplish the following:
  • suppress the errors to a log file
  • allow copy and paste to/from the cmd window
  • and allow each history to be recorded to local log files
Using serverx as an example, how would I re-write the cygwin.bat file?
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24463279
>fact remains that i know i cant sell this if errors are popping up
Wrong. Does it work? It is salable. Does it crash? It's not. Period. All the rest is just debug output

> how would I re-write the cygwin.bat file?
what bat file?
0
 

Author Comment

by:rtod2
ID: 24464029
cygwin setup is downloaded from x.cygwin.com and the default cygwin is set to start from cygwin.bat

In other words, how would I accomplish the above post with a single click for a server named serverx?
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24465399
post here the batch
0
 

Author Comment

by:rtod2
ID: 24466968
Here is the batch file.

Cygwin.bat.txt
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24467030

@echo off
 

C:

chdir C:\cygwin\bin
 

bash --login -i &2>1 >mylog.txt

Open in new window

0
 

Author Comment

by:rtod2
ID: 24469940
Thanks for the suggestion regarding redirection of the log.  Perhaps you are right that there is some debugging to do first.  I decided  try this on a CentOS box at home with xcygwin, to see what I would run into that might be different from the errors at work.  They were largely the same.  Here are those results.

It is important to note that as far as I can tell, neither 1) modifying the sshd_config to include X11Forwarding yes, X11DisplayOffset 10, X11UseLocalhost yes, or 2) changing the remote and security tabs to reflect 'remote login same as local', and 'allow remote system administrator logins', did not seem to have any effect.  As at work, despite the errors, I was able to get a gnome-session.

The path I followed was as follows:
xinit (without the -clipboard)
xhost + (seems to have resolved the previous Gtk error recieved after typing gnome-session)
ssh -X root@192.168.230.106
export DISPLAY=192.168.230.103:0.0
gnome-session
Attached here are my screenshot results of those steps with the final error appearing within a gnome-session.



1-msg-re-personalisable-files.png
2-xinit-FontStruct-error.png
3-4-5-following-xhost---ssh-cmd-.png
6-Gtk-warning-on-home-PC-also.png
7-OAFUD-GNOME-system-tray-aplet-.png
0
 

Author Comment

by:rtod2
ID: 24469954
Screenshot 6 above should be removed as the Gtk error referenced in it is no longer relevant.  Screenshot labeled 3, 4, 5 includes the remaining relevant errors.
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24473102
Screenshot 3-4-5 are not errors, just the system that warns you about things that you have to know. They are not a problem. BTW, 4-5 appear only the first time you connect to that host
0
 

Author Comment

by:rtod2
ID: 24473186
#5 is of particular concern.  I'm trying to 'deploy' this tool to be used by others in the department.  Something that says insecure, warning, authenticity issues, etc raise red flags.

I need to know how to 'fix' them, not just bypass them.
0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24474237
You can't, because there's nothing to fix.
The first time it asks for yes/no it's telling you "hey, you want me to connect to an unknown host. It's fingerprint is this. What do you want to do? "
The other warnings are because you use password authentication, instead on the key based one; as it prefers key based auth it says "hey, you are not giving me keys, the key based auth can't go, I'll try something else". It's not a concern. If you really want to suppress those use -Y instead of -X, but I discourage you: warning messages are good. Groping and stumbling in the dark is not
0
 

Author Comment

by:rtod2
ID: 24477917
If it prefers key based authentication, how can I provide what it wants?
0
 

Author Closing Comment

by:rtod2
ID: 31583274
Great job getting me through this!  At least I can get to the gnome-session using cygwin which is what I wanted.  The primary goal has been accomplished.  I still need to debug the errors I am getting but it works.  The steps I am taking are now narrowed to the following:

xinit
xhost +
ssh -X root@server
gnome-session

done!

0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24478053
By creating and exchanging RSA keys between the two hosts. In this way, you don't need anymore a password to log in into the machine (and this can be a vulnerability). It's a matter of tastes. Personally, I don't use keys. I just enter yes the first time and the pass all the others
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now