Darwin X Server with remote xclient ?

  • Craig Miller

    Craig Miller - 2001-11-16

    I have XDarwin installed and working when I launch xterm and other xclients on my Mac.

    However, I would also like to run xclients remotely (on a Linux server) that then connects to my local XDarwin server to paint on my Powerbook.

    I get errors on the remote Linux box complaining that the connection is refused by my Mac.

    Is there something I need to configure to allow XDarwin to accept remote connections in addition to localhost connections?

    Thanks in advance,

    • Greg Parker

      Greg Parker - 2001-11-16

      This is X Windows' minimal security kicking in. There are two simple solutions.

      The secure method: send the X Windows commands across an ssh connection. From your Mac, `ssh -X linux.box.com`. The -X (capital X) tells ssh to forward X11 commands. ssh will set the DISPLAY variable itself; don't change it. Now you can run X11 programs from that ssh session and they will display on your Mac.

      The INSECURE method: tell X Windows on your Mac what other computers are allowed to run programs that display on your Mac. In an xterm, run
      `xhost +linux.box.com` to allow linux.box.com to connect, or
      `xhost +` to allow anyone anywhere to connect.
      This is INSECURE because any user on that machine can run X11 programs that display on your Mac, and can do evil things like fill your screen with a hundred xterms, or capture screenshots and keystrokes from X11.

      There's nothing XDarwin-specific here; these are the usual methods for remote X11 display. There are other X Windows security options, like xauth. I don't know anything about them, but they should work on XDarwin.

      • Martin Costabel

        Martin Costabel - 2001-11-17

        For me, the "ssh -X linuxbox.com" method works, at least in principle. The problem is that sshd and X clients don't always agree what constitutes a valid DISPLAY name: sshd often sets it to "perfo:10.0" where "perfo" is one of the valid nicknames of the linuxbox. Xterm does not see this as valid. I have to manually
          setenv DISPLAY localhost:10.0
        to make the connection work. But then it works quite nicely.

        OTOH, "ssh -X"-ing *into* a MacOSX box does not work for me, neither from another OSX box nor from Linux. The connection closes immediately, although X forwarding is turned on. Any ideas?

        • Greg Parker

          Greg Parker - 2001-11-17

          Does ssh to the Mac work at all? Does /etc/sshd_config say "X11Forwarding no"?

    • Martin Costabel

      Martin Costabel - 2001-11-17

      Yes, ssh to the Mac works without problem, and I changed the X11Forwarding line to "yes", exactly as I did under Linux. Here are the interesting lines from ssh -v, first the end of the (successful) ssh handshake when I do just "ssh -v":

      debug1: ssh-userauth2 successful: method publickey
      debug1: channel 0: new [client-session]
      debug1: channel_new: 0
      debug1: send channel open 0
      debug1: Entering interactive session.
      debug1: client_init id 0 arg 0
      debug1: channel request 0: shell
      debug1: channel 0: open confirm rwindow 0 rmax 16384

      Up to the second-to-last line, this is identical when I do "ssh -v -X", then it goes differently:

      debug1: client_init id 0 arg 0
      debug1: Requesting X11 forwarding with authentication spoofing.
      debug1: channel request 0: shell
      debug1: channel 0: open confirm rwindow 0 rmax 16384
      debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
      debug1: channel 0: rcvd eof
      debug1: channel 0: output open -> drain
      debug1: channel 0: rcvd close
      debug1: channel 0: input open -> closed
      debug1: channel 0: close_read
      debug1: channel 0: obuf empty
      debug1: channel 0: output drain -> closed
      debug1: channel 0: close_write
      debug1: channel 0: send close
      debug1: channel 0: is dead
      debug1: channel_free: channel 0: status: The following connections are open:
        #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1)

      debug1: channel_free: channel 0: dettaching channel user
      Connection to imac closed.
      debug1: Transferred: stdin 0, stdout 0, stderr 28 bytes in 1.0 seconds
      debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 27.9
      debug1: Exit status -1


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks