Thanks Miles, Will implement solution for #2 ASAP..
For #1, the settings are the defaults obtained when installing from DVD (x86) -- enforcing, I think. Or is there a more specific setting I should search for? (can only access machine on working day, earliest.)
William.
--- On Sat, 12/5/09, Miles O'Neal <[log in to unmask]> wrote:
From: Miles O'Neal <[log in to unmask]> Subject: Re: one-sided ssh connection, restricted access to X. To: "William Shu" <[log in to unmask]> Cc: [log in to unmask] Date: Saturday, December 5, 2009, 7:22 PM
For #1, what are your SELinux settings> For #2, that also applies, but... you should NOT by
default be able to have other users access your X display. That's the way it is supposed to work. If you want local users to be able to access your display, type in a terminal window:
xhost +localhost Then as long as the DISPLAY is :0 they should work (if SELinux isn't in the way). If you wnat DISPLAY to be set to $HOST:0 you need to type xhost +$HOST
On Sat, Dec 5, 2009 at 8:58 AM, William Shu <[log in to unmask]">[log in to unmask]> wrote:
Hi, Please for help on two [related] problems (I'm probably missing something glaring!):
1) On my newly installed SL54 on a machine *not* connected to the internet, I tried to connect to a remote machine (Redhat 9) via ssh and it does not allow me. I am lost, as sshd is activated on both machines, and I had used a laptop to make the connection to the remote machine before. I can ssh connect from the Redhat 9 machine.
QUESTION: What could I be doing wrong? (script of my attempts below). I can;t pick up what to do from man pages.
2) I tried to open emacs as root, but was not allowed. I was only allowed connection after I executed
$ xhost + to allow everybody access.
QUESTION: Is there no more secure way of enabling users on local machine to use X without having to enumerate them, or allow all to
access? In the past, I've always been able to open a terminal window as root or 3rd party and use without probs.
Regards,
William.
[wss@csc101A ~]$ uname -a Linux csc101A 2.6.18-164.2.1.el5PAE #1 SMP Tue Sep 29 19:14:47 EDT 2009 i686 i686 i386 GNU/Linux
[wss@csc101A ~]$ [wss@csc101A ~]$ ssh -XY 192.168.10.1 ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$ xhost access control enabled, only authorized clients can connect SI:localuser:wss
[wss@csc101A ~]$ xhost + access control disabled, clients can connect from any host [wss@csc101A ~]$ ssh -XY [log in to unmask]">[log in to unmask] ssh: connect to host 192.168.10.1 port 22: Connection refused
[wss@csc101A ~]$ ssh -XY [log in to unmask]">[log in to unmask] ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$ ssh -XY [log in to unmask]">[log in to unmask]
ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$
man xhost [wss@csc101A ~]$ ssh -v -XY 192.168.10.1 OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.10.1 [192.168.10.1] port 22.
debug1: connect to address 192.168.10.1 port 22: Connection refused ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$ ssh -vv -XY 192.168.10.1 OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.10.1 [192.168.10.1] port 22. debug1: connect to address 192.168.10.1 port 22: Connection refused
ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$ ssh -vvv -XY 192.168.10.1 OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data
/etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.10.1 [192.168.10.1] port 22. debug1: connect to address 192.168.10.1 port 22: Connection refused
ssh: connect to host 192.168.10.1 port 22: Connection refused [wss@csc101A ~]$
---------- [root@csc101A wss]# emacs & [1] 4833 [root@csc101A wss]# Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified
emacs: Cannot connect to X server :0.0. Check the DISPLAY environment variable or use `-d'. Also use the `xhost' program to verify that it is set to permit connections from your machine.
|
|