X11转发坏了


8

我无法终生获得工作的权利。我所做的一切都是“按书进行的” ...客户端和服务器都正在运行ubuntu 11.04。都打开了ssh,vnc,x11和FW端口

/etc/ssh/ssh_config

   ForwardAgent yes
   ForwardX11 yes
   ForwardX11Trusted yes

/etc/ssh/sshd_config

X11Forwarding yes
X11DisplayOffset 10

apt-get install xauth
xauth is already the newest version.
  • 安装tightvncserver
  • 运行了xauth列表
  • 重新启动
  • 与...连接 ssh server -Xvl user

echo $DISPLAY 返回空白xterm返回 xterm Xt error: Can't open display:

xterm:  DISPLAY is not set
  • 固件已打开
  • VNCserver正在运行
  • sshd运行
  • X11运行
  • ssh配置文件确定
  • ssh登录的详细输出显示一切正常,没有错误

仍然没有效果...

所以我做了export DISPLAY=localhost:10.0 然后echo $DISPLAY返回localhost:10.0xterm返回xterm Xt error: Can't open display: localhost:10.0

现在这是奇怪的部分。如果我这样做,export DISPLAY=:0.0则xterm不会给出任何错误,但是不会显示GUI ...

尝试了所有操作,除了重新安装操作系统。甚至重新安装了ssh并从有效的安装中复制了新的配置文件...

将详细输出放在这里:

user@jupiter:~$ ssh -v -X user@192.168.0.1 env
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.0.1 [192.168.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 31:52:3e:91:b2:b2:74:cf:3e:65:37:a7:78:b9:3a:9e
debug1: Host '192.168.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:4
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Next authentication method: password
debug1: Authentication succeeded (password).
Authenticated to 192.168.0.1 ([192.168.0.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Requesting authentication agent forwarding.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: env
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
SHELL=/bin/bash
XDG_SESSION_COOKIE=5867400390852a975845598400000005-1329602079.30299-1173119600
SSH_CLIENT=192.168.0.14 34691 22
USER=user
SSH_AUTH_SOCK=/tmp/ssh-bPyNW11158/agent.11158
MAIL=/var/mail/user
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
PWD=/home/user
LANG=en_US.UTF-8
SHLVL=1
HOME=/home/user
LOGNAME=user
SSH_CONNECTION=192.168.0.14 34691 192.168.0.1 22
_=/usr/bin/env
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 1960, received 1968 bytes, in 0.1 seconds
Bytes per second: sent 19601.4, received 19681.4
debug1: Exit status 0

哦,是的,我在syslog或内核日志中没有任何条目
JaR 2012年

嗨,你的伴侣快速问题。当您把腻子放在盒子里时。您是否将ssh转到另一个框并尝试X11转发?例如:腻子(box1)-> ssh box2-> X11转发(如果是)。它不会工作。X11只能从腻子直接使用。解决方法->创建到新框的隧道,并对其进行X11 :)

Answers:


6

我花了几个小时研究这个,并尝试了几乎所有内容。

在使用SSH方面非常有经验。
奇怪的是,添加了这条使其工作的行/ etc / ssh / sshd_config X11UseLocalhost否


非常感谢!在我的案例中,只有这条线的缺席才是问题的根源。
约翰·史密斯

3

不知道您问了这么长时间后是否仍然在乎,但今天我解决了同样的问题。

您需要添加: X11UseLocalhost no/etc/ssh/sshd_config,然后重新启动SSH服务器。

您可能还需要将.Xauthority用于连接主机的文件添加到远程X主机:

xauth add {ip}:0 . {32byte code from `xauth list` on the connecting host}

{ip}远程X主机的IP 在哪里xauth list,在本地连接主机上运行。


2

好吧,我没有任何问题,我一直都能轻松实现它,但是也许我可以通过比较我的工作连接来提供帮助。我使用rsa而非密码(名称已更改)连接到名为“ myserver”的服务器系统,登录名为“ myname”。顺便说一句,使用本地系统上的几个命令很容易做到。

$ ssh -v -X myserver env
OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e 6 Sep 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to myserver [192.168.1.111] port 22.
debug1: Connection established.
debug1: identity file /home/myname/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/myname/.ssh/id_rsa-cert type -1
debug1: identity file /home/myname/.ssh/id_dsa type -1
debug1: identity file /home/myname/.ssh/id_dsa-cert type -1
debug1: identity file /home/myname/.ssh/id_ecdsa type -1
debug1: identity file /home/myname/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA de:ad:be:ef:00:ff:00:5c:1a:65:8e:01:73:4a:96:da
debug1: Host 'myserver' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/myname/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to myserver ([192.168.1.111]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Sending environment.
debug1: Sending env LC_MESSAGES = en_US.UTF-8
debug1: Sending env LC_COLLATE = en_US.UTF-8
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
debug1: Sending command: env
SHELL=/bin/bash
XDG_SESSION_COOKIE=d509ffb7a28e82163e2349554bdbc5ab-1329602932.440753-1239879281
SSH_CLIENT=192.168.1.110 48888 22
USER=myname
MAIL=/var/mail/myname
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
LC_MESSAGES=en_US.UTF-8
LC_COLLATE=en_US.UTF-8
PWD=/home/myname
LANG=en_US.UTF-8
SHLVL=1
HOME=/home/myname
LOGNAME=mynage
SSH_CONNECTION=192.168.1.110 48888 192.168.1.111 22
LC_CTYPE=en_US.UTF-8
DISPLAY=localhost:10.0
_=/usr/bin/env
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2912, received 2760 bytes, in 0.5 seconds
Bytes per second: sent 5503.1, received 5215.8
debug1: Exit status 0

编辑:哦,是的,配置文件:ssh_config ...这三个都没有设置。发表评论。

仅设置了以下这些:

SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no

sshd_config ...与您的相同,最后添加以下内容:

UsePAM yes

哦,在远程主机上:

$ echo $DISPLAY
localhost:10.0

我从未使用过任何vnc服务器,所以这可能是问题所在。只是好奇-为什么需要使用它?我想不出为Linux添加此功能的理由,但是我当然不是专家。
马蒂·弗里德
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.