<div dir="ltr">ack! forgot the $DISPLAY in the xauth add. Ok, here's a copy/paste with some name changes to protect the innocent<div><br></div><div><div>[user1@box1 ~]$ ssh -X user1@box2</div><div>user1@box2's password: </div><div>Last login: Wed Apr 18 18:56:14 2018 from box1.mydomain</div><div>$ box2:~> echo $DISPLAY</div><div>localhost:10.0</div><div>$ box2:~> xauth list</div><div>box2.mydomain/unix:11 MIT-MAGIC-COOKIE-1 399346bad1f901fbd6131ddbed38b613</div><div>box2.mydomain/unix:10 MIT-MAGIC-COOKIE-1 e8a48de705405e5376380ff8f3444467</div><div>$ box2:~> sudo su -</div><div># box2:~> export DISPLAY=localhost:10.0</div><div># box2:~> xauth add $DISPLAY . e8a48de705405e5376380ff8f3444467</div><div>xauth: file /root/.Xauthority does not exist</div><div># box2:~> xterm</div></div><div><br></div><div>and i get my xterm. don't worry about the xauth error. that pops if it has to create an .Xauthority file</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 18, 2018 at 6:50 PM, James Mcphee <span dir="ltr"><<a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">If it's anything like my setup it'd be the
<div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">swordfish/unix:11 MIT-MAGIC-COOKIE-1 00607ba4fc7c6a2ea9debc6ad57763<wbr>76</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">so the xauth line run as root would be</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">xauth add .
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">00607ba4fc7c6a2ea9debc6ad57763</span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><wbr>76</span>
</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">afaik, there's no way to make it permanent since it's regenerated when you ssh in. There's nothing to prevent you from setting up a simple shell script in your profile to do some wonkiness, but you'd be passing that hash around.</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">I'm making the assumption you're doing ssh forwarding and not popping the old X listen ports.</div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 18, 2018 at 6:18 PM, Mark Phillips <span dir="ltr"><<a href="mailto:mark@phillipsmarketing.biz" target="_blank">mark@phillipsmarketing.biz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Great!<div><br></div><div>I have this so far:</div><div><br></div><div><div>mark@swordfish:~$ echo $DISPLAY</div><div>swordfish:11.0</div><div>mark@swordfish:~$ xauth list</div><div>swordfish/unix:11 MIT-MAGIC-COOKIE-1 00607ba4fc7c6a2ea9debc6ad57763<wbr>76</div><div>swordfish/unix:10 MIT-MAGIC-COOKIE-1 892fa0c2d392d8517dd525a7bcdc21<wbr>2b</div><div><a href="http://swordfish.phillipsoasis.com:1" target="_blank">swordfish.phillipsoasis.com:1</a> MIT-MAGIC-COOKIE-1 ce767df80405a8d280be4e258f06fe<wbr>d8</div><div>swordfish/unix:1 MIT-MAGIC-COOKIE-1 ce767df80405a8d280be4e258f06fe<wbr>d8</div><div><a href="http://swordfish.phillipsoasis.com:10" target="_blank">swordfish.phillipsoasis.com:10</a><wbr> MIT-MAGIC-COOKIE-1 d635d049952882222e1b238f7a8d1f<wbr>bd</div><div><a href="http://swordfish.phillipsoasis.com:11" target="_blank">swordfish.phillipsoasis.com:11</a><wbr> MIT-MAGIC-COOKIE-1 cdb5f42e697aed89f9ff934ae36df6<wbr>25</div></div><div><br></div><div>So, which magic cookie goes with $DISPLAY=swordfish:11.0?</div><div><br></div><div>Also, how do I make this permanent? Or, do I have to export the DISPLAY and copy the magic cookie every time I su to root?</div><span class="m_8078843587279187724HOEnZb"><font color="#888888"><div><br></div><div>Mark</div></font></span></div><div class="m_8078843587279187724HOEnZb"><div class="m_8078843587279187724h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 18, 2018 at 5:31 PM, James Mcphee <span dir="ltr"><<a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">ok. So you start on box1, ssh -X to box2. echo $DISPLAY. xauth list. su to user2 on box2. export DISPLAY=<the display from user1>. xauth add $DISPLAY . <the hash from the correct display from xauth list>. Launch X application.<div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_8078843587279187724m_4915243550859100327h5">On Wed, Apr 18, 2018 at 5:21 PM, Mark Phillips <span dir="ltr"><<a href="mailto:mark@phillipsmarketing.biz" target="_blank">mark@phillipsmarketing.biz</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_8078843587279187724m_4915243550859100327h5"><div dir="ltr">There is an application I need to run as root on my Linode server, but it has to run in a gui. <div><br></div><div>I have ssh and X11 forwarding set up between my Ubuntu 14.04 system and my Linode (swordfish). It works just great for a non-root user (xcalc, xconsole, the application I need to run, etc). However, when I try to run the application on the server as root, I get the error message "X11 connection rejected because of wrong authentication." For xcalc running as root, I get</div><div><div>X11 connection rejected because of wrong authentication.</div><div>Error: Can't open display: swordfish:10.0</div><div><br></div><div>I have tried all sorts of google solutions - copying the user's .Xauthority to /root/ (also changing the ownership and permissions). But I just can't seem to log into swordfish as a normal user using ssh -X, su to root, and get the X11 forwarding to work. </div><div><br></div><div>I also went so far as to install vnc4server on the Linode, xfce window manager, and vnc4viewer on my Ubuntu machine. That all works when I access the vnc server as a normal user, but I can't get any X11 apps to run as root (ie from a root command line in a terminal in the vnc window). The error message when I try to run xcalc or other X11 apps is "No protocol specified. Can't open display :1".</div><div><br></div><div>What are the special Linux guru magical incantations/spells to make X11 forwarding work for root?</div><div><br></div><div>Thanks!</div><span class="m_8078843587279187724m_4915243550859100327m_4273768751586013288HOEnZb"><font color="#888888"><div><br></div><div>Mark</div><div><br></div></font></span></div></div>
<br></div></div>------------------------------<wbr>---------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.or<wbr>g</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">http://lists.phxlinux.org/mail<wbr>man/listinfo/plug-discuss</a><span class="m_8078843587279187724m_4915243550859100327HOEnZb"><font color="#888888"><br></font></span></blockquote></div><span class="m_8078843587279187724m_4915243550859100327HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div class="m_8078843587279187724m_4915243550859100327m_4273768751586013288gmail_signature" data-smartmail="gmail_signature">James McPhee<br><a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a></div>
</font></span></div>
<br>------------------------------<wbr>---------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.or<wbr>g</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">http://lists.phxlinux.org/mail<wbr>man/listinfo/plug-discuss</a><br></blockquote></div><br></div>
</div></div><br>------------------------------<wbr>---------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.or<wbr>g</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">http://lists.phxlinux.org/mail<wbr>man/listinfo/plug-discuss</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="m_8078843587279187724gmail_signature" data-smartmail="gmail_signature">James McPhee<br><a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a></div>
</div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">James McPhee<br><a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a></div>
</div>