SSH / X11 problems on 11.3

I was trying to remotely log in to my desktop which uses 11.3 from my laptop via ssh. For some reason I get an empty field for the command echo $DISPLAY. and as a result an xclock command results in error: can’t open display. I tried to set it to localhost:10.0 and I get:
Error: Can’t open display: localhost:10.0

I’ve tried :0.0 and I get:
Invalid MIT-MAGIC-COOKIE-1 keyError: Can’t open display: :0.0

ssh used to work about a week ago before I performed various security updates. I was wondering what’ the solution to this. I checked the /etc/ssh/sshd_config file and ssh_config file both have X11 forwarding on. Can anyone with more experience out there give me any ideas?

Thanks.

I can’t say why it did work earlier as you do not have any data on that (naturaly).

The environment variable DISPLAY tells the application where it has to open it’s windows.
When you log in in the desktop, you start the application (xclock is very handy as test indeed) run on a desktop. When DISPLAY is empty it will try to run on some default, which is most probably localhost:0.0. That is of course a display surface ON THE DESKTOP. But as probably nobody is loged in there is no surface there. And even when there was somebody loged in in the GUI there, (s)he would not automaticaly allow every other girl/guy to open windows on her/his desktop.

Setting DISPLAY to what we allready guess is the default will not help for obvious reasons.

You must set DISPLAY to the deisplay where you want to see the window and that is laptop:0.0 (you fill in the real name or the IP address and the first 0 may also differ if you have more then one GUI session open on the laptop).

AND you must then allow the opening of windows on your screen with e.g.

xhost +

which is very general and allows everybody, but it is OK for the test. Reading xhost’s man page will reveal something like

xhost +desktop

as a refinement.

BUT imho (and yours I guess) SSH should see that at least the DIAPLAY variable is set.

Henk thanks for the reply, and I get what you’re saying, I tried your suggestions, and I still get error can’t open display " ". What I do think is odd is that the DISPLAY is blank at the beginning. I’m at an end here. I have to say 11.3 is frustrating, I am probably going to put CentOS on this node.

An update, when I add xhost +
and set it DISPLAY=:0.0, and punch in xclock from my laptop, xclock shows up on the desktop, I guess expected.
Now if I put anything else I get the error xhost: unable to open display " ". I’m really confused.

Please ignore my NNTP post. Did you use ‘-X’ on the ssh call? Note that ‘xhost +’ could leave a big security hole…

The DISPLAY should end in ‘10:0’ for ssh connections. You might try it without the ‘localhost’ part; with it you might have to check your firewall settings.

I am trying to follow what you do, but fail. It is not clear where you type what. The DISPLAY= should be exucuted on the desktop (irrespective if you type it in the SSH session on the laptop), same as the xclock (it could be one command line: DISPLAY=laptop:0.0 xclock ).

The xhost + must execute on the laptop inside the GUI session (on a terminal started from that session).

Or as one session from a konsole on the laptop:

xhost +desktop
ssh desktop
password: ..... (or other things)
DISPLAY=laptop:0.0 xclock

EDIT: I hav seen GeoBaltz post. IT seems that he is better in this (with SSH) then I am. I am talking about direct display over the net. He is talking about forwareing through the SSH connection, which is way securer and even faster.

sherifkadry wrote:

>
> I was trying to remotely log in to my desktop which uses 11.3 from my
> laptop via ssh. For some reason I get an empty field for the command
> echo $DISPLAY. and as a result an xclock command results in error: can’t
> open display. I tried to set it to localhost:10.0 and I get:
> Error: Can’t open display: localhost:10.0
>
> I’ve tried :0.0 and I get:
> Invalid MIT-MAGIC-COOKIE-1 keyError: Can’t open display: :0.0
>
> ssh used to work about a week ago before I performed various security
> updates. I was wondering what’ the solution to this. I checked the
> /etc/ssh/sshd_config file and ssh_config file both have X11 forwarding
> on. Can anyone with more experience out there give me any ideas?
>
> Thanks.
>
>
Do you have “X11Forwarding yes” in /etc/ssh/sshd_config? And used ‘ssh -X
<hostname>’ to set up the connection?

Yes I’m even more confused.
Firstly on the laptop I typed your instructions:
xhost + desktop

Then I ssh into the desktop, and type in my password.

I set my DISPLAY to the following options and all have failed with the message Error can’t open display


DISPLAY=localhost:0.0 xclock 

…fail

DISPLAY=:10.0 xclock 

…fail

DISPLAY=laptop:0.0 xclock 

…fail

DISPLAY=laptop:10.0 xclock 

…fail

The only thing that works is :

DISPLAY=:0.0 xclock 

But the xclock window opens on the desktop!!!

Why do I have an empty DISPLAY environment to begin with on the ssh?. I have no firewall running right now. And I always ssh -X

I hope its clearer to you now Henk.

I use ssh a lot, all settings default except for the port. I’ll display the portnumber as #####, the IP to connect to as III.III.III.III

Login to your desktop of choice, open a terminal window and do:


ssh -X -l REMOTEUSERNAMEHERE] III.III.III.III -p #####

That’s all, connecting locally to my server, server’s username ‘knurpht’, is:


ssh -X -l knurpht] 192.168.1.100 -p 58585

In Dolphin/Konqueror you can use:


fish://REMOTEUSERNAMEHERE@III.III.III.III:#####

or


sftp://REMOTEUSERNAMEHERE@III.III.III.III:#####

Hope this helps you.

Quite honestly not too helpful because you’ve basically just told me how to use ssh, which I already knew how to, my issue is with the DISPLAY environment.

This is still confusing. I did not type

xhost + desktop

I typed

xhost +desktop

And As i stated earlier, you have to fill in the real names. As long as you talk about “the desktop” and “the laptop” in generic terms none of us here know what their real names are. The fact that you think the system belongs on your office desk or your lap is of no concern to the OS inside the system. The system have IP addresses on the network (which yoi can use directly), but the most often have names also (which are then resolved to IP addresses by the software).

Why do you not copy past exactly what you do and what the answers of thesystem are?

As an example of what I mean, I will show you how I should tell people on the Forums here what happens when Itry the same sort of thing you try:

mgi@boven:~> ssh beneden
Password:
Last login: Tue Jun 29 09:42:06 2010 from boven.henm.xs4all.nl
Have a lot of fun...
mgi@beneden:~> xclock
Error: Can't open display:
mgi@beneden:~> echo $DISPLAY

mgi@beneden:~>

This shows EXACTLY what I do and what the results are. No talking about laptops, desktops, and then I … and then the system … and then blablaba.

This may be a bit harsh to you (sorry for that), but we need facts. It is about computers, no bar talk :).

And this one works for me::

mgi@boven:~> ssh -X beneden
Password:
Last login: Sun Sep 26 12:36:42 2010 from boven.henm.xs4all.nl
Have a lot of fun...
/usr/bin/xauth:  creating new authority file /home/mgi/.Xauthority
mgi@beneden:~> echo $DISPLAY
localhost:10.0
mgi@beneden:~> xclock
mgi@beneden:~>

Try to add the following lines in your ~/.profile on the server.

Xterms="xterm xterm-color rxvt rxvt-unicode Eterm"

# get & export X display 

for term in ${Xterms} ; do 
	if  "$term" == "$TERM" ] ;  then
		if  ! $DISPLAY ] ; then
			export DISPLAY=${SSH_CLIENT%% *}:0.0
		fi
	fi
done

Hey, this is a BUG
https://bugzilla.novell.com/show_bug.cgi?id=618068
see workaround there