Remote X11 Connections Blocked on Leopard vs. Tiger
Arguably belatedly, I made the transition from Tiger to Leopard on my various machines yesterday. In general, the transition seemed to go smoothly; however, some bumps have been encountered with X11 (Xquartz 2.1.5 - (xorg-server 1.3.0-apple22) (2.1.5)). A partial work-around to start-up issues resolved ( http://lists.macosforge.org/pipermail/xquartz-dev/2009-March/002204.html), I am now running into remote connectivity issues. I am not using SSH X11 forwarding, DISPLAY seems to be correct on both sides of the connection, all four combinations of X11.app security settings seem to have no impact and neither xhost nor xhost + seem to work: aesop% echo $DISPLAY /tmp/launch-3n3Zy2/:0 % ping -c 2 fenster.local PING fenster.local (192.168.1.14): 56 data bytes 64 bytes from 192.168.1.14: icmp_seq=0 ttl=128 time=0.796 ms 64 bytes from 192.168.1.14: icmp_seq=1 ttl=128 time=0.290 ms aesop% xhost + access control disabled, clients can connect from any host aesop% slogin fenster.local fenster.local's password: Last login: Wed Mar 18 19:32:47 2009 from 192.168.1.2 fenster% echo $DISPLAY 192.168.1.2:0.0 fenster% ping aesop.local 56 2 PING aesop.local. (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0 ms fenster% xemacs & X server not responding : "192.168.1.2:0.0" aesop% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/ssh_config.system_default:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no /etc/sshd_config.system_default:#X11Forwarding no /etc/sshd_config.system_default:#X11DisplayOffset 10 /etc/sshd_config.system_default:#X11UseLocalhost yes /etc/sshd_config.system_default:# X11Forwarding no fenster% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no This all worked OK under Tiger. Any thoughts on what I might be missing or miss-setting here? Thanks, Grant
Is the local Mac firewall allowing connections? Merle On Mar 18, 2009, at 11:23 PM, Grant Erickson wrote:
Arguably belatedly, I made the transition from Tiger to Leopard on my various machines yesterday.
In general, the transition seemed to go smoothly; however, some bumps have been encountered with X11 (Xquartz 2.1.5 - (xorg-server 1.3.0-apple22) (2.1.5)).
A partial work-around to start-up issues resolved ( http://lists.macosforge.org/pipermail/xquartz-dev/2009-March/002204.html) , I am now running into remote connectivity issues.
I am not using SSH X11 forwarding, DISPLAY seems to be correct on both sides of the connection, all four combinations of X11.app security settings seem to have no impact and neither xhost nor xhost + seem to work:
aesop% echo $DISPLAY /tmp/launch-3n3Zy2/:0
% ping -c 2 fenster.local PING fenster.local (192.168.1.14): 56 data bytes 64 bytes from 192.168.1.14: icmp_seq=0 ttl=128 time=0.796 ms 64 bytes from 192.168.1.14: icmp_seq=1 ttl=128 time=0.290 ms
aesop% xhost + access control disabled, clients can connect from any host
aesop% slogin fenster.local fenster.local's password: Last login: Wed Mar 18 19:32:47 2009 from 192.168.1.2
fenster% echo $DISPLAY 192.168.1.2:0.0
fenster% ping aesop.local 56 2 PING aesop.local. (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0 ms
fenster% xemacs & X server not responding : "192.168.1.2:0.0"
aesop% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/ssh_config.system_default:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no /etc/sshd_config.system_default:#X11Forwarding no /etc/sshd_config.system_default:#X11DisplayOffset 10 /etc/sshd_config.system_default:#X11UseLocalhost yes /etc/sshd_config.system_default:# X11Forwarding no
fenster% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no
This all worked OK under Tiger. Any thoughts on what I might be missing or miss-setting here?
Thanks,
Grant
_______________________________________________ Xquartz-dev mailing list Xquartz-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/xquartz-dev
On Mar 18, 2009, at 20:23, Grant Erickson wrote:
I am not using SSH X11 forwarding
You should.
, DISPLAY seems to be correct on both sides of the connection, all four combinations of X11.app security settings seem to have no impact and neither xhost nor xhost + seem to work:
aesop% echo $DISPLAY /tmp/launch-3n3Zy2/:0
% ping -c 2 fenster.local PING fenster.local (192.168.1.14): 56 data bytes 64 bytes from 192.168.1.14: icmp_seq=0 ttl=128 time=0.796 ms 64 bytes from 192.168.1.14: icmp_seq=1 ttl=128 time=0.290 ms
aesop% xhost + access control disabled, clients can connect from any host
aesop% slogin fenster.local fenster.local's password: Last login: Wed Mar 18 19:32:47 2009 from 192.168.1.2
fenster% echo $DISPLAY 192.168.1.2:0.0
fenster% ping aesop.local 56 2 PING aesop.local. (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0 ms
fenster% xemacs & X server not responding : "192.168.1.2:0.0"
aesop% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/ssh_config.system_default:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no /etc/sshd_config.system_default:#X11Forwarding no /etc/sshd_config.system_default:#X11DisplayOffset 10 /etc/sshd_config.system_default:#X11UseLocalhost yes /etc/sshd_config.system_default:# X11Forwarding no
fenster% grep X11 /etc/ssh* ~/.ssh/* /etc/ssh_config:# ForwardX11 no /etc/sshd_config:#X11Forwarding no /etc/sshd_config:#X11DisplayOffset 10 /etc/sshd_config:#X11UseLocalhost yes /etc/sshd_config:# X11Forwarding no
Seeing as how you're not using X forwarding, your ssh settings are irrelevant.
This all worked OK under Tiger. Any thoughts on what I might be missing or miss-setting here?
Maybe the X server on aesop isn't :0. What does 'ps x | grep X11' report?
On 3/18/09 8:55 PM, Jeremy Huddleston wrote:
On Mar 18, 2009, at 20:23, Grant Erickson wrote:
I am not using SSH X11 forwarding
You should.
Thanks, I'll look into it. Because the connections in question here are only within the boundaries of the on-premise network, the security risk of not doing so is negligible.
This all worked OK under Tiger. Any thoughts on what I might be missing or miss-setting here?
Maybe the X server on aesop isn't :0. What does 'ps x | grep X11' report?
% ps x | grep X11 7345 ?? S 0:00.02 /bin/sh /usr/X11/bin/startx 7416 ?? S 0:00.01 xinit /usr/X11/lib/X11/xinit/xinitrc -- /usr/X11/bin/X :0 -auth /Users/gerickson/.serverauth.7345 7417 ?? S 0:00.32 /usr/X11/bin/X :0 -auth /Users/gerickson/.serverauth.7345 Regards, Grant
On Mar 18, 2009, at 21:09, Grant Erickson wrote:
On 3/18/09 8:55 PM, Jeremy Huddleston wrote:
On Mar 18, 2009, at 20:23, Grant Erickson wrote:
I am not using SSH X11 forwarding
You should.
Thanks, I'll look into it. Because the connections in question here are only within the boundaries of the on-premise network, the security risk of not doing so is negligible.
Yeah, but it also makes things easier ;) Just edit sshd_config on the remote side and ssh_config on the local side.
This all worked OK under Tiger. Any thoughts on what I might be missing or miss-setting here?
Maybe the X server on aesop isn't :0. What does 'ps x | grep X11' report?
% ps x | grep X11 7345 ?? S 0:00.02 /bin/sh /usr/X11/bin/startx 7416 ?? S 0:00.01 xinit /usr/X11/lib/X11/xinit/xinitrc -- /usr/X11/bin/X :0 -auth /Users/gerickson/.serverauth.7345 7417 ?? S 0:00.32 /usr/X11/bin/X :0 -auth /Users/gerickson/.serverauth.7345
You're using xauth, so you need to install the auth cert on the other system. I'm guessing you want to skip that, so you need to disable the Authenticate connections option in X11 Preferences (restart is required).
On 3/18/09 8:23 PM, Grant Erickson wrote:
Arguably belatedly, I made the transition from Tiger to Leopard on my various machines yesterday.
In general, the transition seemed to go smoothly; however, some bumps have been encountered with X11 (Xquartz 2.1.5 - (xorg-server 1.3.0-apple22) (2.1.5)).
A partial work-around to start-up issues resolved ( http://lists.macosforge.org/pipermail/xquartz-dev/2009-March/002204.html), I am now running into remote connectivity issues.
I am not using SSH X11 forwarding, DISPLAY seems to be correct on both sides of the connection, all four combinations of X11.app security settings seem to have no impact and neither xhost nor xhost + seem to work
The Leopard firewall is also wide open, set to "Allow all incoming connections". Regards, Grant
On 3/18/09 8:23 PM, Grant Erickson wrote:
Arguably belatedly, I made the transition from Tiger to Leopard on my various machines yesterday.
In general, the transition seemed to go smoothly; however, some bumps have been encountered with X11 (Xquartz 2.1.5 - (xorg-server 1.3.0-apple22) (2.1.5)).
I am not using SSH X11 forwarding, DISPLAY seems to be correct on both sides of the connection, all four combinations of X11.app security settings seem to have no impact and neither xhost nor xhost + seem to work.
FWIW, I wish I could point at some particular action; however, a few reboots and diagnostic runs through with Wireshark and this now appears to be working correctly both with and without X11 forwarding. Thanks all for the pointers and suggestions. Regards, Grant
participants (3)
-
Grant Erickson
-
Jeremy Huddleston
-
Merle Reinhart