> On 13-Apr-2015, at 5:40 pm, dan mclaughlin <thev...@openmailbox.org> wrote: > > On Mon, 13 Apr 2015 16:49:02 +0530 Hrishikesh Murukkathampoondi > <hris...@gmail.com> wrote: >> Hello >> >> I am running OpenSD 5.6 on a x86 netbook. I am trying to setup X11 >> forwarding in ssh. >> >> In sshd_config I have added >> X11Forwarding yes >> >> In ssh_config I have added >> ForwardAgent yes >> ForwardX11 yes >> >> I have restarted sshd (pkill -HUP sshd) and when I start ssh from the >> client using ssh -X I get DISPLAY is not set when trying to launch an xterm. > > this is probably a bad idea. that will send the signal to all sshd processes, > and not just the main server. > > the proper way to restart sshd is to use the pid in /var/run/sshd.pid ie > > $ kill -1 $(</var/run/sshd.pid) > >> >> Just to make sure the new config is being used I also tried after rebooting >> the machine. >> >> I have X and xauth installed (/usr/X11R6/bin/xauth) - I can login via XDM >> and use a window manager. >> >> Below is the output with -v. I dont see "Requesting X11 forwarding" in the >> output. Is there anything else I need to add to forward X11? >> >> Thanks >> Hrishi >> >> --- >> Zeppelin:~ hrishi$ ssh -v -X hrishi@192.168.1.133 >> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 >> debug1: Reading configuration data /etc/ssh_config >> debug1: /etc/ssh_config line 20: Applying options for * >> debug1: Connecting to 192.168.1.133 [192.168.1.133] port 22. >> debug1: Connection established. >> debug1: identity file /Users/hrishi/.ssh/id_rsa type 1 >> debug1: identity file /Users/hrishi/.ssh/id_rsa-cert type -1 >> debug1: identity file /Users/hrishi/.ssh/id_dsa type -1 >> debug1: identity file /Users/hrishi/.ssh/id_dsa-cert type -1 >> debug1: Enabling compatibility mode for protocol 2.0 >> debug1: Local version string SSH-2.0-OpenSSH_6.2 >> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7 >> debug1: match: OpenSSH_6.7 pat OpenSSH* >> debug1: SSH2_MSG_KEXINIT sent >> debug1: SSH2_MSG_KEXINIT received >> debug1: kex: server->client aes128-ctr hmac-sha1-...@openssh.com none >> debug1: kex: client->server aes128-ctr hmac-sha1-...@openssh.com none >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >> debug1: Server host key: RSA 49:32:6f:a7:c9:f1:ea:6b:66:36:92:e3:79:a1:ef:1d >> debug1: Host '192.168.1.133' is known and matches the RSA host key. >> debug1: Found key in /Users/hrishi/.ssh/known_hosts:20 >> debug1: ssh_rsa_verify: signature correct >> debug1: SSH2_MSG_NEWKEYS sent >> debug1: expecting SSH2_MSG_NEWKEYS >> debug1: SSH2_MSG_NEWKEYS received >> debug1: Roaming not allowed by server >> debug1: SSH2_MSG_SERVICE_REQUEST sent >> debug1: SSH2_MSG_SERVICE_ACCEPT received >> debug1: Authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: Next authentication method: publickey >> debug1: Offering RSA public key: /Users/hrishi/.ssh/id_rsa >> debug1: Authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: Trying private key: /Users/hrishi/.ssh/id_dsa >> debug1: Next authentication method: keyboard-interactive >> debug1: Authentications that can continue: >> publickey,password,keyboard-interactive >> debug1: Next authentication method: password >> hrishi@192.168.1.133's password: >> debug1: Authentication succeeded (password). >> Authenticated to 192.168.1.133 ([192.168.1.133]:22). >> debug1: channel 0: new [client-session] >> debug1: Requesting no-more-sessi...@openssh.com >> debug1: Entering interactive session. >> debug1: Sending environment. >> debug1: Sending env LC_CTYPE = UTF-8 >> Last login: Mon Apr 13 15:57:09 2015 from 192.168.1.112 >> OpenBSD 5.6 (GENERIC.MP) #299: Fri Aug 8 00:10:33 MDT 2014 >> >> Welcome to OpenBSD: The proactively secure Unix-like operating system. >> >> Please use the sendbug(1) utility to report bugs in the system. >> Before reporting a bug, please try to reproduce it with the latest >> version of the code. With bug reports, please try to ensure that >> enough information to reproduce the problem is enclosed, and if a >> known fix for it exists, include that as well. >> >> $ xterm & >> [1] 29542 >> $ xterm: Xt error: Can't open display: >> xterm: DISPLAY is not set >> >> --- >> > > what is DISPLAY where you invoke ssh (ie before you log in)? where are you > starting ssh from (console, X11)? > > the DISPLAY variable is set automatically if you are running in X. if you > are invoking ssh in a terminal, you need to set it manually before running > ssh eg > > $ DISPLAY=:0 ssh -X user@host > > should send the data to the local X display (running on port 6000). > > what ssh is doing is opening up a connection to an X display on the machine > it is being run from. when you log on to another system via 'ssh -X' then > sshd on the remote system sets the DISPLAY variable to its own socket, so > that any program writes to that socket (instead of X) and ssh forwards that > data to the X11 on the system where it (ssh) was originally invoked. > > if however the original ssh is not given a DISPLAY variable to know where > to send X11 data to, the remote host doesn't set it either. >
Thank you this is useful information. In this case I found that XQuartz (X11 on OS X) seems to have been removed when I last upgraded. Re-installing it got ssh X11 forwarding working. Thanks Hrishi
