X client forwarded over SSH "cannot open display: localhost:11.0"

  • I have enabled X forwarding on remote machine where SSH server is running:

    # grep -i forward /etc/ssh/sshd_config 
    X11Forwarding yes
    # 
    

    On the local machine, I have started the SSH client with the -X flag, which instructs the SSH server running on the remote machine to set up an X-server proxy. In addition, it creates the $DISPLAY variable, which points to this proxy, and calls xauth to install a proxy key which authenticates to this X-server proxy on the remote machine:

    # echo "$DISPLAY"
    localhost:11.0
    # xauth list | grep 11
    A58/unix:11  MIT-MAGIC-COOKIE-1  39324086672d1ae35e373476c3891a77
    # 
    

    However, X clients on remote machine do not start properly:

    # wireshark 
    
    (wireshark:10083): Gtk-WARNING **: cannot open display: localhost:11.0
    # xterm
    Warning: This program is an suid-root program or is being run by the root user.
    The full text of the error or warning message cannot be safely formatted
    in this environment. You may get a more descriptive message by running the
    program as a non-root user or by removing the suid bit on the executable.
    xterm: Xt error: Can't open display: %s
    # 
    

    X forwarding doesn't use xhost, so at least this can be excluded. I tried to find some useful log entries both on the machine where the SSH server is running and on the machine where the SSH client is running with the `find /var/log/ -mmin -5 -type f` command, but this did not give any hints. The SSH server version is OpenSSH_5.9p1 and the SSH client version is OpenSSH_5.2p1. The contents of the /tmp/.X11-unix/ directory on the remote machine can be seen below:

    # ls -la /tmp/.X11-unix/
    total 0
    drwxrwxrwt 2 root root 40 Dec  9 15:44 .
    drwxrwxrwt 4 root root 80 Jan 13 09:17 ..
    # 
    

    As seen above, there are no Unix domain sockets there. The output of `strace xterm` is the following:

    # strace xterm 
    execve("/usr/bin/xterm", ["xterm"], [/* 16 vars */]) = 0
    brk(0)                                  = 0x9e50000
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bd000
    access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
    open("/etc/ld.so.cache", O_RDONLY)      = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=42995, ...}) = 0
    mmap2(NULL, 42995, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77b2000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXft.so.2", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\3604\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=82952, ...}) = 0
    mmap2(NULL, 85732, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb779d000
    mmap2(0xb77b1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13) = 0xb77b1000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXaw.so.7", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\327\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=428900, ...}) = 0
    mmap2(NULL, 432592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7733000
    mmap2(0xb7796000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x62) = 0xb7796000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/libutempter.so.0", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\6\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=4572, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7732000
    mmap2(NULL, 7432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7730000
    mmap2(0xb7731000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0xb7731000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/libtinfo.so.5", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0Pd\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=125416, ...}) = 0
    mmap2(NULL, 129100, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7710000
    mmap2(0xb772d000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c) = 0xb772d000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/i686/cmov/libc.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240o\1\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0755, st_size=1413288, ...}) = 0
    mmap2(NULL, 1427832, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75b3000
    mprotect(0xb7709000, 4096, PROT_NONE)   = 0
    mmap2(0xb770a000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x156) = 0xb770a000
    mmap2(0xb770d000, 10616, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb770d000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libfontconfig.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300J\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=215828, ...}) = 0
    mmap2(NULL, 219492, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb757d000
    mmap2(0xb75b1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x33) = 0xb75b1000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libX11.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240g\1\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=1273544, ...}) = 0
    mmap2(NULL, 1277496, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7445000
    mmap2(0xb7579000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133) = 0xb7579000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXmu.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200N\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=102028, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7444000
    mmap2(NULL, 101644, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb742b000
    mmap2(0xb7443000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18) = 0xb7443000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXt.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\315\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=380284, ...}) = 0
    mmap2(NULL, 380628, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb73ce000
    mmap2(0xb7427000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x59) = 0xb7427000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libICE.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300:\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=92148, ...}) = 0
    mmap2(NULL, 102224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb73b5000
    mmap2(0xb73cb000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0xb73cb000
    mmap2(0xb73cd000, 3920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb73cd000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libfreetype.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\202\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=632928, ...}) = 0
    mmap2(NULL, 635732, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7319000
    mmap2(0xb73b0000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96) = 0xb73b0000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXrender.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\25\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=35744, ...}) = 0
    mmap2(NULL, 38540, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb730f000
    mmap2(0xb7318000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8) = 0xb7318000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXext.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`,\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=70320, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb730e000
    mmap2(NULL, 73416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72fc000
    mmap2(0xb730d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb730d000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXpm.so.4", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P%\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=67776, ...}) = 0
    mmap2(NULL, 66460, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72eb000
    mmap2(0xb72fb000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb72fb000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libz.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\32\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=90192, ...}) = 0
    mmap2(NULL, 92868, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72d4000
    mmap2(0xb72ea000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0xb72ea000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/libexpat.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\[email protected]#\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=165192, ...}) = 0
    mmap2(NULL, 167996, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72aa000
    mprotect(0xb72d0000, 4096, PROT_NONE)   = 0
    mmap2(0xb72d1000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26) = 0xb72d1000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libxcb.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\221\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=136968, ...}) = 0
    mmap2(NULL, 139728, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7287000
    mmap2(0xb72a8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20) = 0xb72a8000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/i686/cmov/libdl.so.2", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\n\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=9844, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7286000
    mmap2(NULL, 12408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7282000
    mmap2(0xb7284000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7284000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libSM.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \26\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=28320, ...}) = 0
    mmap2(NULL, 31120, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb727a000
    mmap2(0xb7281000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7281000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXau.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\n\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=8592, ...}) = 0
    mmap2(NULL, 11384, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7277000
    mmap2(0xb7279000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7279000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/usr/lib/i386-linux-gnu/libXdmcp.so.6", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\17\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=19364, ...}) = 0
    mmap2(NULL, 22144, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7271000
    mmap2(0xb7276000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4) = 0xb7276000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/libuuid.so.1", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\[email protected]\22\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=17992, ...}) = 0
    mmap2(NULL, 20716, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb726b000
    mmap2(0xb726f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb726f000
    close(3)                                = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb726a000
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7269000
    set_thread_area({entry_number:-1 -> 6, base_addr:0xb7269700, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
    mprotect(0xb726f000, 4096, PROT_READ)   = 0
    mprotect(0xb7284000, 4096, PROT_READ)   = 0
    mprotect(0xb72a8000, 4096, PROT_READ)   = 0
    mprotect(0xb72d1000, 8192, PROT_READ)   = 0
    mprotect(0xb73b0000, 16384, PROT_READ)  = 0
    mprotect(0xb7427000, 4096, PROT_READ)   = 0
    mprotect(0xb75b1000, 4096, PROT_READ)   = 0
    mprotect(0xb770a000, 8192, PROT_READ)   = 0
    mprotect(0xb772d000, 8192, PROT_READ)   = 0
    mprotect(0x80a9000, 4096, PROT_READ)    = 0
    mprotect(0xb77db000, 4096, PROT_READ)   = 0
    munmap(0xb77b2000, 42995)               = 0
    geteuid32()                             = 0
    getegid32()                             = 0
    getuid32()                              = 0
    getgid32()                              = 0
    setuid32(0)                             = 0
    brk(0)                                  = 0x9e50000
    brk(0x9e71000)                          = 0x9e71000
    ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
    open("/proc/meminfo", O_RDONLY)         = 3
    fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000
    read(3, "MemTotal:        2039468 kB\nMemF"..., 1024) = 1024
    close(3)                                = 0
    munmap(0xb77bc000, 4096)                = 0
    socket(PF_NETLINK, SOCK_RAW, 0)         = 3
    bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
    getsockname(3, {sa_family=AF_NETLINK, pid=16008, groups=00000000}, [12]) = 0
    time(NULL)                              = 1389599545
    sendto(3, "\24\0\0\0\26\0\1\0039\233\323R\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
    recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0009\233\323R\210>\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 164
    recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0009\233\323R\210>\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 320
    recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0009\233\323R\210>\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
    close(3)                                = 0
    socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
    connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
    close(3)                                = 0
    socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
    connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
    close(3)                                = 0
    open("/etc/nsswitch.conf", O_RDONLY)    = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=475, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000
    read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 475
    read(3, "", 4096)                       = 0
    close(3)                                = 0
    munmap(0xb77bc000, 4096)                = 0
    open("/etc/host.conf", O_RDONLY)        = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=9, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000
    read(3, "multi on\n", 4096)             = 9
    read(3, "", 4096)                       = 0
    close(3)                                = 0
    munmap(0xb77bc000, 4096)                = 0
    getpid()                                = 16008
    open("/etc/resolv.conf", O_RDONLY)      = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=108, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000
    read(3, "domain data.ee\nsearch data.ee li"..., 4096) = 108
    read(3, "", 4096)                       = 0
    close(3)                                = 0
    munmap(0xb77bc000, 4096)                = 0
    open("/etc/ld.so.cache", O_RDONLY)      = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=42995, ...}) = 0
    mmap2(NULL, 42995, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77b2000
    close(3)                                = 0
    access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
    open("/lib/i386-linux-gnu/i686/cmov/libnss_files.so.2", O_RDONLY) = 3
    read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\32\0\0004\0\0\0"..., 512) = 512
    fstat64(3, {st_mode=S_IFREG|0644, st_size=42628, ...}) = 0
    mmap2(NULL, 45768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb725d000
    mmap2(0xb7267000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9) = 0xb7267000
    close(3)                                = 0
    mprotect(0xb7267000, 4096, PROT_READ)   = 0
    munmap(0xb77b2000, 42995)               = 0
    open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 3
    fstat64(3, {st_mode=S_IFREG|0644, st_size=256, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000
    read(3, "127.0.0.1\tlocalhost\n127.0.1.1\tTh"..., 4096) = 256
    read(3, "", 4096)                       = 0
    close(3)                                = 0
    munmap(0xb77bc000, 4096)                = 0
    socket(PF_INET, SOCK_STREAM|SOCK_CLOEXEC, IPPROTO_TCP) = 3
    setsockopt(3, SOL_TCP, TCP_NODELAY, [1], 4) = 0
    setsockopt(3, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
    connect(3, {sa_family=AF_INET, sin_port=htons(6011), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ETIMEDOUT (Connection timed out)
    close(3)                                = 0
    open("/usr/lib/i386-linux-gnu/X11/XtErrorDB", O_RDONLY) = -1 ENOENT (No such file or directory)
    getuid32()                              = 0
    geteuid32()                             = 0
    getuid32()                              = 0
    write(2, "Warning: This program is an suid"..., 302Warning: This program is an suid-root program or is being run by the root user.
    The full text of the error or warning message cannot be safely formatted
    in this environment. You may get a more descriptive message by running the
    program as a non-root user or by removing the suid bit on the executable.
    ) = 302
    write(2, "xterm: ", 7xterm: )                  = 7
    write(2, "Xt error: Can't open display: %s"..., 33Xt error: Can't open display: %s
    ) = 33
    exit_group(1)                           = ?
    # 
    

    strace xterm hangs for 60 seconds after printing the line below:

    connect(3, {sa_family=AF_INET, sin_port=htons(6011), sin_addr=inet_addr("127.0.0.1")}, 16

    EDIT: after allowing connections from 127.0.0.0/8 to 127.0.0.0/8, I was able to pass the connect system call and now the issue seems to be an invalid MIT-MAGIC-COOKIE-1 key:

    connect(3, {sa_family=AF_INET, sin_port=htons(6010), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
    getpeername(3, {sa_family=AF_INET, sin_port=htons(6010), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
    uname({sys="Linux", node="ThinkCentreA58", ...}) = 0
    access("/root/.Xauthority", R_OK)       = 0
    open("/root/.Xauthority", O_RDONLY)     = 4
    fstat64(4, {st_mode=S_IFREG|0600, st_size=522, ...}) = 0
    mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7726000
    read(4, "\0\0\0\4\177\0\0\1\0\0041000\0\22MIT-MAGIC-COOKIE"..., 4096) = 522
    read(4, "", 4096)                       = 0
    close(4)                                = 0
    munmap(0xb7726000, 4096)                = 0
    getsockname(3, {sa_family=AF_INET, sin_port=htons(37220), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
    fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
    fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
    fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
    poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
    writev(3, [{"l\0\v\0\0\0\22\0\20\0\0\0", 12}, {"", 0}, {"MIT-MAGIC-COOKIE-1", 18}, {"\0\0", 2}, {"I%f9\331-f\f\235i\321\354:a~\341", 16}, {"", 0}], 6) = 48
    recv(3, 0x94b0ec8, 8, 0)                = -1 EAGAIN (Resource temporarily unavailable)
    poll([{fd=3, events=POLLIN}], 1, -1)    = 1 ([{fd=3, revents=POLLIN}])
    recv(3, "\0\36\v\0\0\0\10\0", 8, 0)     = 8
    recv(3, "Invalid MIT-MAGIC-COOKIE-1 key\0\0", 32, 0) = 32
    write(2, "Invalid MIT-MAGIC-COOKIE-1 key", 30Invalid MIT-MAGIC-COOKIE-1 key) = 30
    shutdown(3, 2 /* send and receive */)   = 0
    close(3)                                = 0
    open("/usr/lib/i386-linux-gnu/X11/XtErrorDB", O_RDONLY) = -1 ENOENT (No such file or directory)
    getuid32()                              = 0
    geteuid32()                             = 0
    getuid32()                              = 0
    write(2, "Warning: This program is an suid"..., 302Warning: This program is an suid-root program or is being run by the root user.
    The full text of the error or warning message cannot be safely formatted
    in this environment. You may get a more descriptive message by running the
    program as a non-root user or by removing the suid bit on the executable.
    ) = 302
    write(2, "xterm: ", 7xterm: )                  = 7
    write(2, "Xt error: Can't open display: %s"..., 33Xt error: Can't open display: %s
    ) = 33
    exit_group(1)                           = ?
    # 
    

    Any ideas how to proceed with troubleshooting?

    This problem happens with any x program, even say xterm?

    @Faheem Mitha yes. Example with `xterm` can be seen in my initial post.

    Sorry, Martin. I must be going blind. Note, you can add a per host instruction `ForwardX11 yes`, in `.ssh/config`. Did you make sure to restart the remote server after changing the file?

    I never had to deal with problems like that, but when I ask my machines to `xauth list` I always get two similar entries of the form `:` and `/unix:` you seem to have only a `/unix` entry. Maybe your xproxy is not listening on `:`?

    The `#` suggests you are logging in as root. If that is true, why?

    @Faheem Mitha Yes, the SSH server was restarted after enabling X11 forwarding. The remote machine has no other users than root. @Bananguin you see only the `/unix` entry because I pipe the output of `xauth list` to grep.

    Sometimes root is treated differently than other users. If possible, test with a normal user. In any case, doing things as root if you don't have to is generally a bad idea.

    Also try using `ssh -Y` instead of `ssh -X`, that might help you get around authentication issues.

    @FaheemMitha I created a non-root user to a machine where SSH server is running and logged in to SSH server with this non-root user, but unfortunately this did not change anything. @terdon I tried with `ssh -Y`, but this did not help. I still receive the `cannot open display` error-message.

    Martin, is this machine different from the machine you tried originally? Regardless, can you reproduce this problem on sshing to multiple machines? If so, the problem is likely local (on your machine).

    @FaheemMitha Problem is probably on remote machine where SSH server is running as X forwarding over SSH works with other remote machines. This problematic remote machine differs from other remote machines in a way that it does not have X server running. It's a headless server. However, this shouldn't be a problem, should it?

    Post the output of `strace xterm` and `ls -la /tmp/.X11-unix/`

    Does xeyes work? It can be run as root.

    @Gilles I updated my initial post with output of `strace xterm` and `ls -la /tmp/.X11-unix/`. @Thorsten looks like the `xeyes` are not available in newer Debian releases. However, `xterm` can also be run as a root.

    Hmm, hanging on `connect`. Does `netstat -lnt |grep :60` show anything from inside the SSH connection? Firewall? What does `iptables -nvL` say (as root)?

    Adding the `-v` flag to ssh is often helpful in troubleshooting as well.

    Run `sshd -d` on the server side and post the output during ssh -X connect.

    @Gilles @alanc @Nils Once I added `iptables -I INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT` I was able to pass the `connect` system call. Thanks! However, X clients are still not able to connect to X server and this time it seems to be because of `xauth`("Invalid MIT-MAGIC-COOKIE-1 key"). I have updated my initial post with new `strace xterm` output. I have the MIT-MAGIC-COOKIE-1 corresponding to my $DISPLAY variable in `xauth list` on a remote machine. Is there a way to see, that this key is not the correct one?

    This normally happens automatically. Does it work if you connect to a non-root account? Is your home directory `/home/username` or something else (it matters for some security frameworks)? What distribution are you using? Do you have `/etc/ssh/rc` or `~/.ssh/rc` (if you have them, they need to add the cookie manually)?

    @Gilles X11 forwarding works if I start the SSH client under root user in local machine. If I start the SSH client under non-root user, I receive this "Invalid MIT-MAGIC-COOKIE-1 key" error. It doesn't matter if I connect to root or non-root account on remote machine. On local machine, my home directory is `/home/username`. I'm running FreeBSD on local machine and Debian on remote one. I don't have `/etc/ssh/rc` or `~/.ssh/rc` files. I guess it's some sort of permissions issue?

    @Martin I don't see why any permissions would matter. Does it work if you create a fresh account? I presume other X applications work locally? Have you tried with no `~/.ssh/config`? Is there any difference between `ssh -X` and `ssh -Y`?

    @Gilles I tried with a fresh account, but it did not help. Local X clients work well. I don't have `~/.ssh/config` file. There is no difference between `ssh -X` and `ssh -Y`. The only difference I see between root and non-root account is that right after the SSH connection establishment, there is a `debug1: permanently_set_uid: 0/0` line printed if I start the SSH client under non-root user.

    What is `DISPLAY` locally: `myhostname:0` or `:0` (in the root case, and in the non-root case)? Does FreeBSD have some kind of security framework similar to SELinux and AppArmor on Linux that might prevent the SSH process from reading the local cookie or a firewall setting that would prevent it from connecting to the X server? Can you ktrace or dtrace the SSH client to see what kind of calls it makes (if any) when a remote application tries to open the display? (Beware if you post the trace: at the beginning, the client will be reading your key or password, be sure not to post that part.)

    I remember having X display errors because of inconsistencies on the host name. Is `A58` the only name of the remote host?

    Check if the ssh daemon configuration on your server allows X11 forwarding. Check out how to figure that out and how to enable it: http://xmodulo.com/2012/11/how-to-enable-x11-forwarding-using-ssh.html. Note that it also mentions installing xauth on the remote host. BTW, can you open an ssh to localhost and forward X11 through it?
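
The asker's question above, whether the cookie shown by `xauth list` is the one the X client really sends, can be checked offline. As an added example (not code from any poster), this Python sketch parses the `.Xauthority` record layout and the X11 connection-setup bytes visible in the `writev` call of the strace output, then compares the two. The sample file contents and the helper names are constructed for illustration, and `lookup` is a simplified form of libXau's matching.

```python
import hmac
import socket
import struct
from collections import namedtuple

FAMILY_INTERNET, FAMILY_LOCAL, FAMILY_WILD = 0, 256, 65535
COOKIE_PROTO = b"MIT-MAGIC-COOKIE-1"
Entry = namedtuple("Entry", "family address number name data")


def parse_xauthority(blob):
    """Split raw .Xauthority bytes into Entry records.

    A record is a 2-byte big-endian family followed by four fields
    (address, display number, auth name, auth data), each preceded by
    its own 2-byte big-endian length.
    """
    entries, pos = [], 0
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated record at offset %d" % pos)
        (family,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        fields = []
        for _ in range(4):
            if pos + 2 > len(blob):
                raise ValueError("truncated length at offset %d" % pos)
            (length,) = struct.unpack_from(">H", blob, pos)
            pos += 2
            if pos + length > len(blob):
                raise ValueError("truncated field at offset %d" % pos)
            fields.append(blob[pos:pos + length])
            pos += length
        entries.append(Entry(family, *fields))
    return entries


def describe(entry):
    """Render an entry roughly the way `xauth list` prints it."""
    number = entry.number.decode("ascii", "replace")
    if entry.family == FAMILY_LOCAL:
        where = "%s/unix:%s" % (entry.address.decode("ascii", "replace"), number)
    elif entry.family == FAMILY_INTERNET and len(entry.address) == 4:
        where = "%s:%s" % (socket.inet_ntoa(entry.address), number)
    else:
        where = "#%04x#%s#:%s" % (entry.family, entry.address.hex(), number)
    return "%s  %s  %s" % (where, entry.name.decode("ascii", "replace"), entry.data.hex())


def parse_setup_request(data):
    """Return (auth name, auth data) from the first bytes an X client sends."""
    if len(data) < 12 or data[0:1] not in (b"l", b"B"):
        raise ValueError("not an X11 connection setup request")
    order = "<" if data[0:1] == b"l" else ">"   # 'l' = little-endian client
    _major, _minor, name_len, data_len = struct.unpack_from(order + "HHHH", data, 2)
    data_start = 12 + ((name_len + 3) & ~3)      # name is padded to 4 bytes
    if len(data) < data_start + data_len:
        raise ValueError("setup request shorter than its declared lengths")
    return data[12:12 + name_len], data[data_start:data_start + data_len]


def lookup(entries, hostname, display_number):
    """First cookie entry for hostname/unix:display (simplified libXau rule)."""
    for e in entries:
        host_ok = e.family == FAMILY_WILD or (
            e.family == FAMILY_LOCAL and e.address == hostname)
        if host_ok and e.number in (b"", display_number) and e.name == COOKIE_PROTO:
            return e
    return None


def check_cookie(xauth_blob, setup_bytes, hostname, display_number):
    """Compare what the client offered with the stored entry for a display."""
    name, offered = parse_setup_request(setup_bytes)
    if name != COOKIE_PROTO:
        return "other-protocol"
    entry = lookup(parse_xauthority(xauth_blob), hostname, display_number)
    if entry is None:
        return "no-entry"
    return "match" if hmac.compare_digest(entry.data, offered) else "mismatch"


def make_record(family, address, number, name, data):
    """Serialise one record; used only to build the constructed sample."""
    out = struct.pack(">H", family)
    for field in (address, number, name, data):
        out += struct.pack(">H", len(field)) + field
    return out


# Bytes copied from the writev() call in the strace output above (display 10).
SETUP_FROM_STRACE = (b"l\0\v\0\0\0\22\0\20\0\0\0" + COOKIE_PROTO + b"\0\0"
                     + b"I%f9\331-f\f\235i\321\354:a~\341")
# Cookie shown by `xauth list` in the question (display 11).
PAGE_COOKIE_DISPLAY_11 = bytes.fromhex("39324086672d1ae35e373476c3891a77")
# Constructed .Xauthority contents: the display-10 entry is made to equal the
# strace cookie so that all three outcomes can be shown.
SAMPLE_XAUTHORITY = (
    make_record(FAMILY_LOCAL, b"A58", b"10", COOKIE_PROTO,
                parse_setup_request(SETUP_FROM_STRACE)[1])
    + make_record(FAMILY_LOCAL, b"A58", b"11", COOKIE_PROTO, PAGE_COOKIE_DISPLAY_11))

if __name__ == "__main__":
    for e in parse_xauthority(SAMPLE_XAUTHORITY):
        print(describe(e))
    for n in (b"10", b"11", b"12"):
        print(n.decode(), check_cookie(SAMPLE_XAUTHORITY, SETUP_FROM_STRACE, b"A58", n))
```

A `match` result means the X client on the remote host sent exactly the entry that `xauth` holds for that display, so a rejection has to come from further along the forwarded path.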

  • This is the very basic way of how it should work:

    On the client / local machine (Xorg installed on client) try this:

    $ xhost +
    access control disabled, clients can connect from any host
    

    Later try:

    $ ssh -AY [email protected] xterm
    

    or

    $ ssh -AX [email protected] xterm
    

    With non standard clients xhost may be needed.

    Check 9.3.5.6. Nonstandard X clients

    As far as I know, `xhost` ACL is not even checked if X forwarding is done over SSH.

    You are right, but for some reason it sometimes doesn't work as expected. You can also try this: `X11Forwarding yes`, `X11DisplayOffset 10`, `X11UseLocalhost yes`. More on: X-Forwarding

  • I had the same issue. Xauth was missing on remote.

    sudo apt-get install xauth

    solved the issue.

    Thank you so much, I lost 2 hours of my life to this problem before you came along!

    The fact I have to manually install this on RHEL 7 seems obnoxious.

  • First, a point of debugging methodology: when you run xterm as root, it does not print any useful diagnostic messages, so when troubleshooting xterm, do it as an ordinary user.

    Now as to your problem: there are two types of X11 forwarding, secure and privileged, and you probably did not enable `ForwardX11Trusted yes`. You don't need it on Debian and derivatives because they always enable it.

    So some background on how we got here. X11 is not the most secure protocol. It was designed in friendlier times, and there have been a number of efforts to make it more secure over the years including running it through a secure shell tunnel. Tunneling X11 reduces almost all of X11's vulnerabilities. One that remains is the risk of displaying windows from untrusted systems. An effort was made to declare a safe subset of the protocol that would impede deployment of key-sniffers and similar. The project, although technically successful, has some real world challenges like the odd fact that finding programs that only use the safe subset is really hard because a lot of the disabled functionality is very handy, and since most people write for the local machine which has permission to use the full protocol there is little drive to create programs that work with the restricted subset.

    The other possibility is that the X11 forwarding is only enabled on a specific host. The easiest way to check if this is the problem is to use the -Y flag with ssh to enable trusted X11 forwarding. If that solves it, add both forward allow lines to the relevant host sections of your ssh config file.

  • On my (standard) Ubuntu environment I got the xterm over ssh failure message "... suid-root program..." (see above), even with all the proper forwarding settings. This behavior went away as soon as sshd was configured to use only IPv4, because of an X11 forwarding bug in SSH if IPv6 on the system is disabled.

    vi /etc/ssh/sshd_config
    AddressFamily inet
    
    service ssh reload
    

    I have IPv6 disabled, so this worked like a champ! Thank you!

  • I edited

    vim /etc/hosts
    

    added the following lines

    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    

    and my problem is fixed :)

    I am using Debian "testing" and due to some updates my "hosts" file was changed. The line with the localhost entry was commented out. So your solution gave me the hint I needed. Thanks a lot.

  • I was suffering from the same problem; it works fine after doing the following:

    1. From the non-working terminal (root in my case) I set the display: `export DISPLAY=':0'` and you can add it in /etc/environment to make it permanent
    2. From a working terminal (user terminal in my case) run `xhost +local:`
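
Several answers above turn on where `DISPLAY` points and on a few lines in `sshd_config` and `/etc/hosts`. As an added example (not code from any of the posts), this Python sketch maps a `DISPLAY` value to the socket an X client will try and runs the checks those answers name; the sample file contents, function names and the `ipv6_disabled` parameter are assumptions made for illustration.

```python
import re

# sshd_config defaults for the keywords the answers mention.
SSHD_DEFAULTS = {"x11forwarding": "no", "x11uselocalhost": "yes",
                 "x11displayoffset": "10", "addressfamily": "any"}


def display_endpoint(display):
    """Return ("unix", path) or ("tcp", host, port) for a DISPLAY value.

    Handles the host:number[.screen] form only (no IPv6 literals).
    """
    m = re.fullmatch(r"([^:]*):(\d+)(?:\.\d+)?", display)
    if not m:
        raise ValueError("unsupported DISPLAY: %r" % display)
    host, number = m.group(1), int(m.group(2))
    if host in ("", "unix"):
        return ("unix", "/tmp/.X11-unix/X%d" % number)
    return ("tcp", host, 6000 + number)   # e.g. localhost:11.0 -> port 6011


def sshd_settings(config_text):
    """Global X11-related sshd_config values; the first occurrence wins."""
    found, seen = dict(SSHD_DEFAULTS), set()
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break   # conditional blocks are out of scope for this check
        if key in SSHD_DEFAULTS and key not in seen and len(parts) == 2:
            found[key] = parts[1].strip().lower()
            seen.add(key)
    return found


def localhost_addresses(hosts_text):
    """Addresses that an /etc/hosts-style text maps to the name localhost."""
    addrs = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "localhost" in fields[1:]:
            addrs.add(fields[0])
    return addrs


def check_forwarding(display, sshd_text, hosts_text, ipv6_disabled=False):
    """List the problems the answers on this page would point at."""
    cfg = sshd_settings(sshd_text)
    endpoint = display_endpoint(display)
    problems = []
    if cfg["x11forwarding"] != "yes":
        problems.append("X11Forwarding is not 'yes' in sshd_config")
    if endpoint[0] == "unix":
        problems.append("DISPLAY %s is the local socket %s, not an sshd proxy"
                        % (display, endpoint[1]))
    else:
        _, host, port = endpoint
        if port - 6000 < int(cfg["x11displayoffset"]):
            problems.append("display %d is below X11DisplayOffset %s"
                            % (port - 6000, cfg["x11displayoffset"]))
        if host == "localhost" and "127.0.0.1" not in localhost_addresses(hosts_text):
            problems.append("hosts file has no 127.0.0.1 entry for localhost "
                            "(needed to reach port %d)" % port)
    if ipv6_disabled and cfg["addressfamily"] != "inet":
        problems.append("IPv6 is disabled but AddressFamily is '%s', not 'inet'"
                        % cfg["addressfamily"])
    return problems


# Constructed sample inputs.
SAMPLE_SSHD = "# constructed sample\nX11Forwarding yes\nX11DisplayOffset 10\n"
SAMPLE_HOSTS = "127.0.0.1   localhost localhost.localdomain\n::1   localhost\n"
BROKEN_HOSTS = "#127.0.0.1   localhost\n127.0.1.1   examplehost\n"

if __name__ == "__main__":
    print(display_endpoint("localhost:11.0"))
    print(check_forwarding("localhost:11.0", SAMPLE_SSHD, BROKEN_HOSTS, True))
```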

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM