ack! forgot the $DISPLAY in the xauth add. Ok, here's a copy/paste with some name changes to protect the innocent [user1@box1 ~]$ ssh -X user1@box2 user1@box2's password: Last login: Wed Apr 18 18:56:14 2018 from box1.mydomain $ box2:~> echo $DISPLAY localhost:10.0 $ box2:~> xauth list box2.mydomain/unix:11 MIT-MAGIC-COOKIE-1 399346bad1f901fbd6131ddbed38b613 box2.mydomain/unix:10 MIT-MAGIC-COOKIE-1 e8a48de705405e5376380ff8f3444467 $ box2:~> sudo su - # box2:~> export DISPLAY=localhost:10.0 # box2:~> xauth add $DISPLAY . e8a48de705405e5376380ff8f3444467 xauth: file /root/.Xauthority does not exist # box2:~> xterm and i get my xterm. don't worry about the xauth error. that pops if it has to create an .Xauthority file On Wed, Apr 18, 2018 at 6:50 PM, James Mcphee wrote: > If it's anything like my setup it'd be the > swordfish/unix:11 MIT-MAGIC-COOKIE-1 00607ba4fc7c6a2ea9debc6ad5776376 > > so the xauth line run as root would be > xauth add . 00607ba4fc7c6a2ea9debc6ad5776376 > > afaik, there's no way to make it permanent since it's regenerated when you > ssh in. There's nothing to prevent you from setting up a simple shell > script in your profile to do some wonkiness, but you'd be passing that hash > around. > > I'm making the assumption you're doing ssh forwarding and not popping the > old X listen ports. > > On Wed, Apr 18, 2018 at 6:18 PM, Mark Phillips > wrote: > >> Great! >> >> I have this so far: >> >> mark@swordfish:~$ echo $DISPLAY >> swordfish:11.0 >> mark@swordfish:~$ xauth list >> swordfish/unix:11 MIT-MAGIC-COOKIE-1 00607ba4fc7c6a2ea9debc6ad5776376 >> swordfish/unix:10 MIT-MAGIC-COOKIE-1 892fa0c2d392d8517dd525a7bcdc212b >> swordfish.phillipsoasis.com:1 MIT-MAGIC-COOKIE-1 >> ce767df80405a8d280be4e258f06fed8 >> swordfish/unix:1 MIT-MAGIC-COOKIE-1 ce767df80405a8d280be4e258f06fed8 >> swordfish.phillipsoasis.com:10 MIT-MAGIC-COOKIE-1 >> d635d049952882222e1b238f7a8d1fbd >> swordfish.phillipsoasis.com:11 MIT-MAGIC-COOKIE-1 >> cdb5f42e697aed89f9ff934ae36df625 >> >> So, which magic cookie goes with $DISPLAY=swordfish:11.0? >> >> Also, how do I make this permanent? Or, do I have to export the DISPLAY >> and copy the magic cookie every time I su to root? >> >> Mark >> >> On Wed, Apr 18, 2018 at 5:31 PM, James Mcphee wrote: >> >>> ok. So you start on box1, ssh -X to box2. echo $DISPLAY. xauth list. >>> su to user2 on box2. export DISPLAY=. xauth add >>> $DISPLAY . . Launch X >>> application. >>> >>> >>> >>> On Wed, Apr 18, 2018 at 5:21 PM, Mark Phillips < >>> mark@phillipsmarketing.biz> wrote: >>> >>>> There is an application I need to run as root on my Linode server, but >>>> it has to run in a gui. >>>> >>>> I have ssh and X11 forwarding set up between my Ubuntu 14.04 system and >>>> my Linode (swordfish). It works just great for a non-root user (xcalc, >>>> xconsole, the application I need to run, etc). However, when I try to run >>>> the application on the server as root, I get the error message "X11 >>>> connection rejected because of wrong authentication." For xcalc running as >>>> root, I get >>>> X11 connection rejected because of wrong authentication. >>>> Error: Can't open display: swordfish:10.0 >>>> >>>> I have tried all sorts of google solutions - copying the user's >>>> .Xauthority to /root/ (also changing the ownership and permissions). But I >>>> just can't seem to log into swordfish as a normal user using ssh -X, su to >>>> root, and get the X11 forwarding to work. >>>> >>>> I also went so far as to install vnc4server on the Linode, xfce window >>>> manager, and vnc4viewer on my Ubuntu machine. That all works when I access >>>> the vnc server as a normal user, but I can't get any X11 apps to run as >>>> root (ie from a root command line in a terminal in the vnc window). The >>>> error message when I try to run xcalc or other X11 apps is "No protocol >>>> specified. Can't open display :1". >>>> >>>> What are the special Linux guru magical incantations/spells to make X11 >>>> forwarding work for root? >>>> >>>> Thanks! >>>> >>>> Mark >>>> >>>> >>>> --------------------------------------------------- >>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>>> >>> >>> >>> >>> -- >>> James McPhee >>> jmcphe@gmail.com >>> >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > > -- > James McPhee > jmcphe@gmail.com > -- James McPhee jmcphe@gmail.com