HPE Community
Operating System - HP-UX
1751865 Members
5928 Online
108782 Solutions
New Discussion юеВ

Re: ssh and Ignite/UX

 
David G. Douthitt
Regular Advisor

тАО10-30-2008 03:39 PM

тАО10-30-2008 03:39 PM

ssh and Ignite/UX

I am running a ssh client connection to an ignite server, and trying to do a make_net_recovery (to make an archive) from the Ignite/UX GUI.

The error states that the connection was broken due to invalid authentication.

The connection goes like this:

X11 Host --> Ignite/UX Server --> Client

I have AgentForwarding turned on, and X11ForwardTrusted turned on. On the X11 host, I did the following:

slogin -AYg root@ignite

Then, on the ignite server I ran:

ignite &

The ignite server root user has this client config (~/.ssh/config):

ForwardAgent yes
ForwardX11Trusted yes

The error dialog from Ignite's X11 GUI states: "X connection to host:11.0 broken (explicit kill or server shutdown)."

The text (console) display shows:

client being added to access control list
X11 connection rejected because of wrong authentication.

I've not found any definitive answer to this (although the ForwardX11Trusted was recommended). What am I missing here?

I could try sticking to running make_net_recovery on the clients, but I'd still like to get this working.
0 Kudos
Reply
4 REPLIES 4
Gregory D Baker
Frequent Advisor

тАО11-05-2008 12:59 AM

тАО11-05-2008 12:59 AM

Re: ssh and Ignite/UX

It's not a particularly good answer, but Ignite-UX doesn't require X11 to run. You could do:
ssh -t root@ignite ignite
and get a text-based gui version of Ignite-UX.

Also, the file you should be checking is not ignite:~root/.ssh/config -- that's only for connections out from the ignite server. I think you want /etc/opt/ssh/sshd_config and look at

X11Forwarding yes

X11UseLocalhost ...

X11DispalyOffset ...

0 Kudos
Reply
likid0
Honored Contributor

тАО11-05-2008 01:23 AM

тАО11-05-2008 01:23 AM

Re: ssh and Ignite/UX

You could try for testing to export your display on the server, and try opening ignite gui.
Windows?, no thanks
0 Kudos
Reply
Doug O'Leary
Honored Contributor

тАО11-05-2008 05:46 AM

тАО11-05-2008 05:46 AM

Re: ssh and Ignite/UX

Hey;

Don't confuse the issue: the ignite items you list are red herrings. This has nothing to do with ignite and everything to do with getting X11 correctly tunneled through ssh.

And, before diving into that:

>>I could try sticking to running make_net_recovery on the clients, but I'd still like to get this working.

I'd suggest doing it this way; from the client, you can set up scripts which you can run via cron.

Here's what I suggest to get X11 tunneled through ssh:

1. Verify that it's not working at all:

(ssh | slogin) to the ignite server.
echo $DISPLAY

the Display variable should look something like:

# echo $DISPLAY
135.3.66.94:13.0

if it says ${some_ip}:0.0, chances are you have something in your login profile that's overwriting the display parameter that ssh sets.

xterm -sb -sl 1024 &

That should open up an xterm on your local display. Based on your post, you'll get an error message.

2. Configure X11 tunneling:

On your ignite server, verify the parameters are enabled in the sshd_config.

# grep -i x11 /opt/ssh/etc/sshd_config
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost no

If X11Forwarding is set to no, reset it to yes, then sighup the sshd daemon.

On your client system, the one you're using to access the ignite server, verify x11 is enabled in the ssh_config:

# grep -i x11 /opt/ssh/etc/ssh_config
# ForwardX11 no
ForwardX11 yes

Notice, that's turned off by default.

If you're doing this from a Windows system, ensure you have some type of X11 terminal emulation software running.

To reiterate:

1. Verify nothing in root@ignite's profile is overwriting the DISPLAY variable.

2. Verify the ignite server enables X11 in the /opt/ssh/etc/sshd_config

3. Verify the client you're using enables X11 in the /opt/ssh/etc/ssh_config (assuming an HP client system...)

HTH;

Doug O'Leary

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
0 Kudos
Reply
David G. Douthitt
Regular Advisor

тАО11-05-2008 05:48 AM

тАО11-05-2008 05:48 AM

Re: ssh and Ignite/UX

The display from the Ignite server works fine; there is, however, a point where the X display originates from the client. This is when ssh fails to tunnel the X display properly (for whatever reason).

I'm looking to find a way to reliably tunnel the X display data from the client to the X display server.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.