I am trying to get ssh X11 forwarding to work for administrating my server. Just plain ssh -X doesn’t work, so I edited /etc/ssh/ssh_config and /etc/ssh/sshd_config as follows:
sshd_config:
X11Forwarding yes
ssh_config:
ForwardX11 yes
I then restarted ssh and logged with ssh -X user@server. I tried running
As Malcolm points out, you have to modify sshd_config at the server end and restart the sshd daemon there. If you don’t have the rights to, bad luck. The sysadmin of the other end may have disallowed X forwarding.
I am sorry, I should have clarified. I made the both the above changes on both the client and server. I don’t think it’s my firewall because I can login fine with ssh. Also, after ssh -X ing into the server, the $DISPLAY variable is not set.
Run ssh with the -v option so that you can see the debug messages. Sometimes a program is missing at the other end like xauth missing will cause the X auth cookie to be not registered. Focus on solving the empty $DISPLAY variable.
Maybe DISPLAY is one of the environment variables filtered out? Check for any settings that might block this.
Have you checked with netstat to see if a socket at port 6010 (usually) is opened for the X forwarding? What about the sshd logs at the other end, are there any messages about X forwarding being denied? Is the other end running something like selinux or apparmor that would block that?
If there is a open X forwarding port, can you manually set DISPLAY to localhost:10 and run an X app (10 = 6010 - 6000)?
What is the other end? Another SUSE machine? An OS that perhaps doesn’t have all the X libraries installed? A non-Linux machine?
You’re going to have to do quite a bit of detective work at the server end.
Maybe DISPLAY is one of the environment variables filtered out? Check for any settings that might block this.
To be honest, I don’t know what to look for.
Have you checked with netstat to see if a socket at port 6010 (usually) is opened for the X forwarding? What about the sshd logs at the other end, are there any messages about X forwarding being denied? Is the other end running something like selinux or apparmor that would block that?
Netstat shows nothing on port 6010. No selinux or AppArmor, but here’s from the logfiles:
Nov 3 17:33:56 remoteServer sshd[15840]: Server listening on :: port 22.
Nov 3 17:33:56 remoteServer sshd[15840]: Server listening on 0.0.0.0 port 22.
Nov 3 17:34:10 remoteServer sshd[15841]: Accepted keyboard-interactive/pam for zak from 71.117.39.128 port 52404 ssh2
Nov 3 17:34:11 remoteServer sshd[15844]: error: Failed to allocate internet-domain X11 displaysocket.
Are there some hints there?
What is the other end? Another SUSE machine? An OS that perhaps doesn’t have all the X libraries installed? A non-Linux machine?
openSUSE 11.0 on both ends. Both are up to date, and have the X libraries installed (KDE on the local, GNOME on the remote).
You’re going to have to do quite a bit of detective work at the server end.
error: Failed to allocate internet-domain X11 display socket.
from /var/log/messages.
But googling the error turns up nothing but Solaris posts. It appears that somthing was wrong with Sun’s version os ssh. But I am using OpenSSH from the Yast repositories; nothing unusual at all! What is going on here?
Apparently my lo was not being assigned an ip address. I just ran ifconfig lo up and it works like a charm (even without editing sshd_config!). Why is my lo not being brought up at boot though?
Very odd, I can assure you. By the way, I can’t figure out how to mark this thread (or any thread) as SOLVED. If someone could let me know I’d appreciate it!
I had the same problem, getting ‘error: Failed to allocate internet-domain X11 display socket’ in /var/log/messages. I enabled IPv6 using yast and this resolved my problem. I can now launch X apps using X11 forwarding.
Same here. I had ipV6 Disabled. Enabling it fixed x11 forwarding… anyone run into a reason openSuSE may be having issues with X11 forwarding with IPv6 disabled?