A few weeks back I found that, for some reason, one of my machines wasn’t allowing X forwarding over SSH (which is normally run as standard within my local environment, since I have lots of users who at least occasionally run graphical stuff on multiple machines).
The initial error came up as:
xterm Xt error: Can't open display:
xterm: DISPLAY is not set
The obvious test was to try setting $DISPLAY manually (although this would obviously not have been a good permanent solution). New error:
xterm Xt error: Can't open display: localhost:10.0
Digging around online a bit, I found the suggestion of moving the -nolisten tcp option from /etc/X11/xinit/xserverrc - this may well work, but I was unhappy with it as it didn’t match the setup I had on other machines which were entirely happy with X forwarding.
Eventually, I found the problem: not only do you need X11Forwarding yes in /etc/ssh/sshd_config on the machine you’re sshing into, you also need AllowTcpForwarding yes. (And also ForwardX11 yes, or ForwardX11Trusted yes, depending on your security preferences and access requirements, in /etc/ssh/ssh_config on the machine you’re sshing from, for the record.)
So fairly straightforward in the end, but took me a few min to disentangle, thus recorded here for others’ reference.
Thanks, handy. Did you mean /etc/ssh/sshd_config in the last para?
I've run into this myself. Good post.
Matt - doh, yes, I did. Now edited, thanks for pointing it out!
Good Lord.
My Dear Juliet,
May I suggest you try using Freenx (http://freenx.berlios.de/) with a free NX client (www.nomachine.com)?
Don't torture yourself! ;)
There can be security implications with enabling X forwarding by default. Another option might be to explicitly use "ssh -X" when necessary. Most of my SSH connections do not require X forwarding, so this suits me
Thanks, I had this problem bugging me.
my own two bits - remember to restart sshd after you edit the config file ... whoops.
With security in mind, X11 forwarding is disabled by default on the
Debian stock sshd. Set "X11Forwarding yes" on your
/etc/ssh/sshd_config and restart the server.
# /etc/init.d/ssh restart
Regards, Ismael
--
"Tout fourmille de commentaries; d'auteurs il en est grande cherté"
It worked great. Thanks for posting the solution and ending my several hours of googling.
Regards
Herb Swanson
I also had to make sure xauth was installed - it's part of xbase-clients on debian. Without this, there's no x authentication process. The problem is manifest by lack of a DISPLAY envvar on the remote machine upon login.
One thing that must be present is the /usr/bin/xauth program on the server you want to ssh to. The server I wanted to connect to does not have X installed, and then generally the xauth program is missing too. I discovered the reason by doing ssh -vvv -X .
kind regards,
Roland Nagtegaal
This is an excellent post. Please also note that UseLogin must be commented out or set to no in sshd_config since this is not compatable.
debug1: Remote: X11 forwarding disabled; not compatible with UseLogin=yes.
Peace.
I try this but don't worked and I fixed it by adding xauth packages on Debian Etch
Thank you for posting this.
+1 Simon & Roland
Thank you