On Mon, 13 Apr 2015 16:49:02 +0530 Hrishikesh Murukkathampoondi <hris...@gmail.com> wrote: > Hello > > I am running OpenSD 5.6 on a x86 netbook. I am trying to setup X11 forwarding > in ssh. > > In sshd_config I have added > X11Forwarding yes > > In ssh_config I have added > ForwardAgent yes > ForwardX11 yes > > I have restarted sshd (pkill -HUP sshd) and when I start ssh from the client > using ssh -X I get DISPLAY is not set when trying to launch an xterm.
this is probably a bad idea. that will send the signal to all sshd processes, and not just the main server. the proper way to restart sshd is to use the pid in /var/run/sshd.pid ie $ kill -1 $(</var/run/sshd.pid) > > Just to make sure the new config is being used I also tried after rebooting > the machine. > > I have X and xauth installed (/usr/X11R6/bin/xauth) - I can login via XDM and > use a window manager. > > Below is the output with -v. I dont see "Requesting X11 forwarding" in the > output. Is there anything else I need to add to forward X11? > > Thanks > Hrishi > > --- > Zeppelin:~ hrishi$ ssh -v -X hrishi@192.168.1.133 > OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 > debug1: Reading configuration data /etc/ssh_config > debug1: /etc/ssh_config line 20: Applying options for * > debug1: Connecting to 192.168.1.133 [192.168.1.133] port 22. > debug1: Connection established. > debug1: identity file /Users/hrishi/.ssh/id_rsa type 1 > debug1: identity file /Users/hrishi/.ssh/id_rsa-cert type -1 > debug1: identity file /Users/hrishi/.ssh/id_dsa type -1 > debug1: identity file /Users/hrishi/.ssh/id_dsa-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_6.2 > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7 > debug1: match: OpenSSH_6.7 pat OpenSSH* > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr hmac-sha1-...@openssh.com none > debug1: kex: client->server aes128-ctr hmac-sha1-...@openssh.com none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Server host key: RSA 49:32:6f:a7:c9:f1:ea:6b:66:36:92:e3:79:a1:ef:1d > debug1: Host '192.168.1.133' is known and matches the RSA host key. > debug1: Found key in /Users/hrishi/.ssh/known_hosts:20 > debug1: ssh_rsa_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: Roaming not allowed by server > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: > publickey,password,keyboard-interactive > debug1: Next authentication method: publickey > debug1: Offering RSA public key: /Users/hrishi/.ssh/id_rsa > debug1: Authentications that can continue: > publickey,password,keyboard-interactive > debug1: Trying private key: /Users/hrishi/.ssh/id_dsa > debug1: Next authentication method: keyboard-interactive > debug1: Authentications that can continue: > publickey,password,keyboard-interactive > debug1: Next authentication method: password > hrishi@192.168.1.133's password: > debug1: Authentication succeeded (password). > Authenticated to 192.168.1.133 ([192.168.1.133]:22). > debug1: channel 0: new [client-session] > debug1: Requesting no-more-sessi...@openssh.com > debug1: Entering interactive session. > debug1: Sending environment. > debug1: Sending env LC_CTYPE = UTF-8 > Last login: Mon Apr 13 15:57:09 2015 from 192.168.1.112 > OpenBSD 5.6 (GENERIC.MP) #299: Fri Aug 8 00:10:33 MDT 2014 > > Welcome to OpenBSD: The proactively secure Unix-like operating system. > > Please use the sendbug(1) utility to report bugs in the system. > Before reporting a bug, please try to reproduce it with the latest > version of the code. With bug reports, please try to ensure that > enough information to reproduce the problem is enclosed, and if a > known fix for it exists, include that as well. > > $ xterm & > [1] 29542 > $ xterm: Xt error: Can't open display: > xterm: DISPLAY is not set > > --- > what is DISPLAY where you invoke ssh (ie before you log in)? where are you starting ssh from (console, X11)? the DISPLAY variable is set automatically if you are running in X. if you are invoking ssh in a terminal, you need to set it manually before running ssh eg $ DISPLAY=:0 ssh -X user@host should send the data to the local X display (running on port 6000). what ssh is doing is opening up a connection to an X display on the machine it is being run from. when you log on to another system via 'ssh -X' then sshd on the remote system sets the DISPLAY variable to its own socket, so that any program writes to that socket (instead of X) and ssh forwards that data to the X11 on the system where it (ssh) was originally invoked. if however the original ssh is not given a DISPLAY variable to know where to send X11 data to, the remote host doesn't set it either.
