When I do "ssh -X abcserver", I got message "X11 forwarding request failed on channel 0".
I checked online and it was suggested to solve it by switching "X11UseLocalhost no" to "X11UseLocalhost yes".
However, both my manager and I don't have this administrative privilege. I am wondering, except this solution, whether there is another option to solve the issue ? I also don't have sudo privilege to directly install X11 on the server.
My local platform is:
Linux version 3.16.0-4-amd64 (debian-kernel#lists.debian.org)
(gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02)
The remote platform is:
Linux version 3.13.0-88-generic (buildd#lgw01-16)
(gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) )
#135-Ubuntu SMP Wed Jun 8 21:10:42 UTC 2016
Adding the -v option to ssh when trying to log in will give a lot of debug information which might give a clue to exactly what the problem is, like for instance
debug1: Remote: No xauth program; cannot forward with spoofing.
which in my case installing xauth on the server fixed the issue.
I had to edit the sshd config file on the remote server to fix the issue. It worked on Ubuntu 16.04 Server:
$ sudo vim /etc/ssh/sshd_config
Set `X11UseLocalhost no`
Save the file.
$ sudo service sshd restart
$ exit
Now it works!
$ ssh -X user#remotehost
$ xclock
sudo apt install xauth
change the line #AddressFamily any to AddressFamily inet in /etc/ssh/sshd_config
sudo service ssh restart
This is enough on Ubuntu 18.04 LTS.
After login with ssh -X (or after activating the PuTTY / KiTTY option "Enable X11 forwarding") you should see that the environment variable DISPLAY is automatically defined to localhost:10.0 or similar. After first successful login (with a functional X11 forwarding) the file .Xauthority will be generated. Another positive sign of success.
If you are interested to see and to understand the details of X11 forwarding within your session you can try with lsof -i -P|grep ssh.
1.make sure that during ssh -X root#server you have root permission.
2.update the /etc/ssh/sshd_config and make sure this line is uncommented
X11Forwarding yes
3.systemctl restart sshd
4.exit from server
5.ssh -X root#server
6.virt-manager
In my case, as superuser, editing /etc/ssh/sshd_config on the remote host and changing the following line fixed it.
From
#X11Forwarding no
to
X11Forwarding yes
Then: pkill -HUP sshd on the remote host to make sshd reload its config, which also closes the sshd session.
After X11 forwarding suddenly stopped working after no other changes than moving the ssh server to another wifi, I followed the answer to this seemingly completely different question and it worked.
In other words, it seems the solution for me was to specify AddressFamily inet in /etc/ssh/sshd_config.
Related
my ssh config was okay and it was working fine, however recently my Github ssh connection didn't work and also I wasn't able to connect to my private server using ssh connection. When I try to ssh, I get follwing error:
/home/hacku/.ssh/config: line 9: Bad configuration option: Identityfile
/home/hacku/.ssh/config: line 16: Bad configuration option: Identityfile
/home/hacku/.ssh/config: terminating, 2 bad configuration options
And here is my config file:
Host github.com
User git
Port 22
Hostname github.com
IdentityFile ~/.ssh/github_ssh
TCPKeepAlive yes
Host linode
HostName serv_ip_address
User hackU
Port 22
IdentityFile ~/.ssh/private_key
I copied exact same config file and my private key into another machine and it worked great (Termux, ssh version => OpenSSH_8.6p1, OpenSSL 1.1.1l 24 Aug 2021).
I checked my ssh package version it was OpenSSH_8.7p1, so I thought maybe the update broke it. So I downgraded it to OpenSSH_8.6p1, OpenSSL 1.1.1l 24 Aug 2021, it also didn't work, additionally I tried to restart sshd by using
sudo systemctl restart sshd
But none of the above worked.
I'm using manjaro gnome edition as my daily driver.
Thanks beforehand.
Everything theoretically seemed okay but the thing was that it was weirdly throwing this error. After doing some reading, I found this information here:
if you use an ssh-agent, ssh will automatically try to use the keys in the agent, even if you have not specified them with in ssh_config's IdentityFile (or -i) option. This is a common reason you might get the Too many authentication failures for user error. Using the IdentitiesOnly yes option will disable this behavior.
So I completely deleted IdentityFile option. Hence my final config file is like that and both connection works just fine.
Host github.com
User git
Port 22
Hostname github.com
TCPKeepAlive yes
Host linode
HostName server_ip_address
User hackU
Port 22
However, the reason for the problem for me still is unknown. I would be glad to hear, in case someone finds it out.
I would like to establish rsync between Windows 7 and linux server for file transfer. I am trying to make this as simple as possible. As topic, is there any way to use rsync without password file and ssh? I was searching for few days but only found solution with either password-file or ssh.
I am using:
Client Env
Windows 7
cwRsync 5.5.0
Server Env
Linux Redhat 6.3 Santiago
rsync 3.1.1
If you want to use rsync without using SSH at all, then you can do it using an rsync server.
It requires installing rsyncd on the Linux server, and setting up and configuring an always-running service, but there's a tutorial here (from 1999!) that says how to do it.
You can set it up to allow access without a username and password, but only do that within a trusted network! Note that, even with a password, there won't be any encryption, so use with caution.
on the source system:
vim /etc/rsyncd.conf
then add your path
[your_path_name]
path = /any_directory/your_path_name
comment = My fast rsync server
read only = yes
list = yes
start the rsync server
sudo systemctl start rsync
and on the destination server:
rsync -r rsync://X.X.X.X:/your_path_name ./my_directory/ --progress
When using SSH mode to connect to some linux servers:
For some servers, mobaxterm shows "X11-forwarding : ✔ (remote display is forwarded through SSH)" and I can start some gui application in local windows.
For some servers, mobaxterm shows "X11-forwarding : ✘ (disabled or not supported by server)
My question is, how does mobaxterm know this information? On both servers I've configured /etc/ssh/ssh_config to have:
X11Forwarding yes
ForwardX11 yes
I'm not sure which config line really works so I had both. Question is, how does mobaxterm know, is it part of ssh communication to tell, whether the linux server supports ssh forwarding or not?
Ensure xorg-x11-xauth is installed
/etc/ssh/sshd_config:
# AddressFamily any
AddressFamily inet
AllowTcpForwarding yes
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
https://bbs.archlinux.org/viewtopic.php?id=218584
I was having a similar problem: MobaXterm was saying one of my servers DID support X11 forwarding, and the other didn't. This was maddening, as the /etc/ssh/ssh_config files were identical. My problem was answered here.
Seems you are looking in the wrong place, like I was.
The file /etc/ssh/ssh_config configures SSH clients on your host.
The file /etc/ssh/sshd_config configures the SSH server on your host.
Thus, check for the line "X11Forwarding" in your /etc/ssh/sshd_config file. (Note the "d".) If uncommented and set to "yes", then X11 forwarding should work... and I bet MobaXterm will detect this.
On Solaris, xauth might be in different locations depending on the OS release (/usr/bin or /usr/openwin/bin).
So it is also worth verifying that the parameter XAuthLocation is correctly set in /etc/ssh/sshd_config.
HTH,
Stefane
For me worked the solution described here https://superuser.com/questions/249045/x11-forwarding-from-amazon-ec2-ami especially:
sudo yum install xorg-x11-xauth.x86_64 xorg-x11-server-utils.x86_64 dbus-x11.x86_64
I create one SUSE linux EC2 instance in Amazon AWS.
And it is OK to 'putty' to access the instance (use the key-pair file, let's call it key.pem, I have converted it to key.ppk), and when log in the host, I am using 'root' user name, and it is OK.
login as: root
Authenticating with public key "imported-openssh-key"
Last login: Tue Apr 15 15:17:55 2014 from x.x.x.x
SUSE Linux Enterprise Server 11 SP3 x86_64 (64-bit)
As "root" use the:
- zypper command for package management
- yast command for configuration management
Management and Config: https://www.suse.com/suse-in-the-cloud-basics
Documentation: http://www.suse.com/documentation/sles11/
Have a lot of fun...
While when I try to use 'pscp' to copy files, it always failed, and outputs
Server refused our key
Using Keyboard-interactive authentication.
Password:
My 'pscp' command usage as following
C:\Users\t440s\Downloads\putty\pscp.exe -i key.pps test.txt root#myhost.compute.amazonaws.com:/tmp
Actually, I do not know my password.
And I checked following section of /etc/ssh/sshd_config, seems root do not need password
# Authentication:
#LoginGraceTime 2m
PermitRootLogin without-password
PasswordAuthentication no
I am using win8.
Please help me. Yours.
I would like you should use Git Bash tool http://git-scm.com/download/win its free and opensource, Please download and install , You have Unix environment is windows :)
now in the git bash type command ls to check where you are and now you can type this command in GIT bash
scp -i /c/Users/USERNAME/Download/key.pem filename.txt ec2-user#ec2-81.1821.1..eu-west-1.compute.amazonaws.com:/tmp
You can replace the user ec2-user to ubuntu or any other which is associate to that machine I dont think root work. Let me know is that works for you
I'm remote debugging a qt application from one ubuntu machine to another ubuntu one.
I can do it from the console with:
root#eclipsePC# sudo ssh apppcIP -X
root#appPC# export DISPLAY=:0.0
root#appPC# gdb myApplication
Now I'm trying to do the same with Eclipse cdt (starting eclipse with sudo). I've defined the remote connection as a Linux type system. It works for application with no graphics, but for my qt application I get:
Listening on port 2345 Remote debugging from host "myEclipseIP"
myApp: cannot connect to X server
Child exited with status 1
GDBserver exiting logout
I've tried doing
root#appPC# xhost +
root#appPC# export DISPLAY=:ECLIPSEPCIP:0.0
but it didn't work. Anyone knows how to do this?
Thanks
I've added the argument -display ECLIPSEPCIP:0.0 in the debug config and now it starts, but in the appPC instead of the host ECLIPSEPC.
You can enforce ssh X11 forwarding using the ssh config file:
Add the following lines to your $HOME/.ssh/config:
Host apppcIP
ForwardX11 yes
I guess there should be also an option in eclipse to configure -X for the ssh connection, but I'm not sure and have no eclipse for testing. However, the solution shown above will work regardless of eclipse's feature set.
Further, you should not start eclipse as root, also root to root ssh connections are considered insecure. Make sure the regular user can connect to the remote host and execute the necessary commands there.