Hello,
I am trying to fire up a GUI in my Unix server as root
and it comes out with this error
MobaXterm X11 proxy: Unsupported authorisation protocol
Error: Can't open display: localhost:11.0
Is this to do with the Xauthority file as I have added this command to it
xauth add `hostname`/unix:10 MIT-MAGIC-COOKIE-1
Usually you cannot do that. An "X-Server" runs on the client, not the server. You might want to read my little introduction about X-Windows for a clcarification on how X-Windows works.#
I hope this helps.
bakunin
Sorry it was my message the x-windows is running on the client (PC) and not the server
--- Post updated at 08:58 AM ---
xauth list
localhost.localdomain/unix:12 MIT-MAGIC-COOKIE-1 2592e2600c7bbd86b824fc0c725b5fd3
I am just wondering if this is correct as why is localhost.localdomain/unix instead of localhost only
Probably because of the name resolution is as it is. Try
nslookup 127.0.0.1
and you probably get the same result.
If the server runs on your client, then how comes this "mobaxterm" message? Do you try to run MobaXTerm as an X-Server under Windows?
I hope this helps.
bakunin
Thanks
Like I said it is running on my windows PC I mean x-windows
--- Post updated at 11:57 AM ---
hello,
I am now having this error message when I run the script as root
/installer
No matches found, authority file "-" not written
MobaXterm X11 proxy: Unsupported authorisation protocol
Error: Can't open display: localhost:11.0
This is the code of the script I am running
# more installer
#!/bin/ksh
#
full_name=$0
ori_dir_name=`pwd`
error_should_exit="0"
dir_name=`/usr/bin/dirname $full_name`
host_name=`uname -n`
os_rev=`uname -r`
CPU=`uname -p`
if [ "`uname -s`" = "SunOS" ]
then
if [ $os_rev = "5.8" ] || [ $os_rev = "5.7" ]
then
echo "This platform is not supported.\n"
error_should_exit="1"
fi
prg_name=`/usr/bin/basename $full_name`
arp=/usr/sbin/arp
xauth=/usr/openwin/bin/xauth
setup=setupsun.exe
ID=`/bin/id`
elif [ "`uname -s`" = "Linux" ]
then
echo $os_rev | grep '^2.4' > /dev/null
if [ $? = 0 ]
then
echo "This platform is not supported.\n"
error_should_exit="1"
fi
prg_name=`/bin/basename $full_name`
arp=/sbin/arp
# xauth is in /usr/bin on Red Hat 5 and /usr/X11R6/bin on Red Hat 4
export PATH="$PATH:/usr/X11R6/bin:/usr/bin"
xauth=xauth
setup=setuplin.exe
ID=`/usr/bin/id`
fi
export HOSTNAME=$host_name
set $ID
if [ ! -z $DISPLAY ]
then
DISPLAYHOST=`echo $DISPLAY | awk -F: '{ print $1 }'`
DISPLAYIP=`$arp $DISPLAYHOST | awk -F\( '{ print $2 }' | awk -F\) '{print $1}'`
LOCALHOST=`hostname`
LOCALIP=`$arp $LOCALHOST | awk -F\( '{ print $2 }' | awk -F\) '{print $1}'`
if [ "A$DISPLAYIP" != "A$LOCALIP" ]
then
REMOTEDISPLAY="1"
else
REMOTEDISPLAY="0"
fi
else
REMOTEDISPLAY="0"
fi
if [ -x $dir_name/$setup ]; then
if [ ! -z $DISPLAY ] && [ "A$REMOTEDISPLAY" = "A0" ]; then
export tmp_file="/tmp/installer_auth_$USER_$DISPLAY"
touch $tmp_file
chmod 600 $tmp_file
$xauth extract - $DISPLAY > $tmp_file
export XAUTHORITY="/.Xauthority"
fi
fi
#
# User is now root.
#
check_for_patch()
# ./installer
No matches found, authority file "-" not written
MobaXterm X11 proxy: Unsupported authorisation protocol
Error: Can't open display: localhost:11.0
# more installer
#!/bin/ksh
#
full_name=$0
ori_dir_name=`pwd`
error_should_exit="0"
dir_name=`/usr/bin/dirname $full_name`
host_name=`uname -n`
os_rev=`uname -r`
CPU=`uname -p`
if [ "`uname -s`" = "SunOS" ]
then
if [ $os_rev = "5.8" ] || [ $os_rev = "5.7" ]
then
echo "This platform is not supported.\n"
error_should_exit="1"
fi
prg_name=`/usr/bin/basename $full_name`
arp=/usr/sbin/arp
xauth=/usr/openwin/bin/xauth
setup=setupsun.exe
ID=`/bin/id`
elif [ "`uname -s`" = "Linux" ]
then
echo $os_rev | grep '^2.4' > /dev/null
if [ $? = 0 ]
then
echo "This platform is not supported.\n"
error_should_exit="1"
fi
prg_name=`/bin/basename $full_name`
arp=/sbin/arp
# xauth is in /usr/bin on Red Hat 5 and /usr/X11R6/bin on Red Hat 4
export PATH="$PATH:/usr/X11R6/bin:/usr/bin"
xauth=xauth
setup=setuplin.exe
ID=`/usr/bin/id`
fi
export HOSTNAME=$host_name
set $ID
if [ ! -z $DISPLAY ]
then
DISPLAYHOST=`echo $DISPLAY | awk -F: '{ print $1 }'`
DISPLAYIP=`$arp $DISPLAYHOST | awk -F\( '{ print $2 }' | awk -F\) '{print $1}'`
LOCALHOST=`hostname`
LOCALIP=`$arp $LOCALHOST | awk -F\( '{ print $2 }' | awk -F\) '{print $1}'`
if [ "A$DISPLAYIP" != "A$LOCALIP" ]
then
REMOTEDISPLAY="1"
else
REMOTEDISPLAY="0"
fi
else
REMOTEDISPLAY="0"
fi
if [ -x $dir_name/$setup ]; then
if [ ! -z $DISPLAY ] && [ "A$REMOTEDISPLAY" = "A0" ]; then
export tmp_file="/tmp/installer_auth_$USER_$DISPLAY"
touch $tmp_file
chmod 600 $tmp_file
$xauth extract - $DISPLAY > $tmp_file
export XAUTHORITY="/.Xauthority"
fi
fi
#
# User is now root.
#
check_for_patch()
{
typeset -i PATCHREV
typeset -i REV
typeset -i retval
typeset -i lastrev
PATCHNUM=$1
PATCHREV=$2
retval=1
lastrev=0
PATCHES=`/usr/bin/showrev -p | nawk -F: '{ print $2 $3 }'| sed -e "s/,/ /g"`
for i in ${PATCHES}
do
NUM=`echo $i | nawk -F- '{ print $1}'`
if [ ${NUM} == ${PATCHNUM} ]
then
REV=`echo $i | nawk -F- '{ print $2}'`
if [ ${REV} -gt ${lastrev} ]
then
lastrev=${REV}
fi
if [ ${lastrev} -ge ${PATCHREV} ]
then
retval=0
break
fi
fi
done
if [ ${retval} -ne 0 ]
then
echo
echo "SPECTRUM Installation requires a patch to function properly."
echo "Please contact your System Administrator and have them install"
echo "patch $1-$2 or greater before proceeding with the"
echo "SPECTRUM Installation.\n"
error_should_exit="1"
fi
}
#
# Check to see if required patch is installed
#
if [ $os_rev = "5.9" ]
then
echo "Checking for patches required to run the installer.\c"
check_for_patch "111711" "12"
echo ".\c"
check_for_patch "112963" "22"
echo ".\c"
else
if [ $os_rev = "5.10" ]
then
echo "Checking for patches required to run the installer.\c"
check_for_patch "117461" "4"
echo ".\c"
check_for_patch "119963" "4"
echo ".\c"
fi
fi
echo
if [ $error_should_exit = "1" ]
then
echo "Press RETURN to exit."
read data
exit
fi
cd $ori_dir_name
$dir_name/$setup
exit 0
When I see : Error: Can't open display: localhost:11.0 I think more of ssh...
Is X11 forwarding/tunnelling over ssh is enabled on your server? ( not the Xserver on your PC...)
This little article may be helpful:
Tunneling X11 | SSH Tectia Server 4.4 Unix Administrator's Guide
xorg - How to forward X over SSH to run graphics applications remotely? - Unix & Linux Stack Exchange
Thanks
yes in the sshd_config and ssh_config file in etc/ssh
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
Oh something else you cannot ssh with an account, su root then launch an X program... and is root allowed to connect with ssh etc...
I would start by using my connection and launch xclock & if that works then look if not to do with root cannot use ssh, if thats ok, then as root give your PC IP address to DISPLAY like (in ksh...) export DISPLAY=<PC IP>:0.0 Let me think a bit more for what else, but just got home after a completely OT seminary so I am a bit out of phase...
Addendum as it may not be very clear (trying my best though...)
To see why you need to export:
As you connect using X , in ssh from your PC, it will receive the DISPLAY information from the client in ssh, NOT your IP but something like
echo $DISPLAY
DISPLAY=localhost:10.0
su root
echo $DISPLAY
DISPLAY=
What you have suggests its using your ssh connection DISPLAY information, but that doesnt work in ssh ( unless someone gives me the recipy...) that display is yours and cannot be used by someone else...
Good thing to mention is that newer xorg does not listen by default.
Check on the box you are connecting from (the box running the X server) for X server startup options -nolisten tcp directive.
If it's configured like that, you will not be able to export DISPLAY=<IP box running the X>:0
So if ssh is configured with forwarding (looks like it it is), only encapsulation will work ( -Y -X ).
But encapsulation will not work when switching users in shell as vbe pointed out.
Check out this example, after which you can export DISPLAY from mentioned host, in this case from 'glitch' to 'hickup' using TCP way, with X server listening on port 6000 and xhost added.
root 18063 18058 1 18:27 tty7 00:00:10 /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch
man Xorg
TCP/IP
Xorg listens on port 6000+n, where n is the display number. This connection type is usually disabled by default, but may be enabled with the -listen option (see the Xserver(1) man page for de
tails).
So i added the the X startup option under my seat, since i'm using lightdm, you might be using other display manager so check its options.
user@hickup:~$ grep ^xserver-allow-tcp /etc/lightdm/lightdm.conf
xserver-allow-tcp=true
# issue a 'systemctl restart lightdm' # or whatever display manager your are using when configured to listen on port 6000
user@hickup:~$ xhost +glitch
user@hickup:~$ xhost
access control enabled, only authorized clients can connect
INET:glitch
SI:localuser:user
user@hickup:~$ netstat -an | grep LISTEN | grep 6000 && ps -ef | grep Xorg | grep -v grep
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
tcp6 0 0 :::6000 :::* LISTEN
root 21583 21576 1 18:45 tty7 00:00:07 /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -listen tcp vt7 -novtswitch
You might not want to keep that setting, it is not default for a reason, but using export DISPLAY and su-ing around will keep working, unless - is used with su command.
Hope that helps
Regards
Peasant.