Reputation: 829
X11 Forwarding for non-root user not working
Environmental Details
Relevant bits of server's /etc/ssh/sshd_config:
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost no
Relevant bits of client's $HOME/.ssh/config:
Host *
XAuthLocation /opt/X11/bin/xauth
ForwardX11 yes
ForwardX11Trusted yes
Using XQuartz on macOS High Sierra.
The Problem
I'm spinning up a vagrant Ubuntu 18.04 VM. I've added a second user outside of the vagrant user.
ssh -X vagrant@ubuntu-bionic xclock
I can get X11Forwarding to work when I login as the vagrant user. I cannot get X11Forwarding to work when I login as the ops user.
ssh -X ops@ubuntu-bionic xclock
X11 forwarding request failed on channel 0
Error: Can't open display:
I want to be able to get it to work with the ops user. From the client, $DISPLAY has a value. When I login with vagrant, $DISPLAY has a value. When I login as ops, $DISPLAY is unset. If I set $DISPLAY to match what it is with the vagrant user, I get the same error:
Error: Can't open display: localhost:10.0
when X11UseLocalhost yes
Error: Can't open display: ubuntu-bionic:10.0
when X11UseLocalhost no
If I login as ops and then sudo su - vagrant, $DISPLAY remains unset. If I login as vagrant and then sudo su - ops, $DISPLAY is inherited.
What am I missing to get this to work? I've run xhost + in each user (including sudo -s root xhost +) and it still doesn't work.
If I add -vv to my ssh commands, I see this message when connecting as vagrant:
X11 forwarding request accepted on channel 0
and as ops:
Remote: X11 forwarding disabled in user configuration file.
X11 forwarding request failed on channel 0
Upvotes: 9
Views: 8659
Answers (2)
Reputation: 2035
On macOS BigSur with XQuartz 2.8.1 (xorg-server 1.20.11):
Setting the following into my Vagrantfile solved it for me (for ubuntu 20.04):
config.vm.provision "shell",
inline: "apt-get update && apt-get upgrade -y && apt-get install xauth -y"
config.ssh.forward_agent = true
config.ssh.forward_x11 = true
The whole Vagrantfile would be:
Vagrant.require_version ">= 2.2.3"
Vagrant.configure("2") do |config|
config.vm.provider "virtualbox" do |v, override|
override.vm.box = "bento/ubuntu-20.04"
end
config.vm.provision "shell",
inline: "apt-get update && apt-get upgrade -y && apt-get install xauth firefox firefox-geckodriver -y"
config.ssh.forward_agent = true
config.ssh.forward_x11 = true
end
Allows running firefox -no-remote https://stackoverflow.com/ through the X server.
The -no-remote flag is added since it seems to reduce the latency.
As inspired by a guide on How to enable and use SSH X11 Forwarding on Vagrant Instances by Josphat Mutai.
Upvotes: 0
Reputation: 11
I don't get the whole topic, but for my very similar situation it helped to create the users~/.Xauthorityfile. I copied it from the vagrant users home directory and then set the new ownership.
Upvotes: 1
Related Questions
- X11 forwarding of a GUI app running in docker
- X11 forwarding request failed on channel 0
- X11 connection rejected because of wrong authentication
- Warning: No xauth data; using fake authentication data for X11 forwarding
- MacOS High Sierra and X11 forwarding
- How to do X11 forwarding to a virtual machine running on a remote linux host?
- ssh X11 forwarding won't work
- Reverse X11 forwarding from Vagrant for Firefox
- X11 Forwarding Error on Ubuntu, Though It Works On Windows
- failed to open the x11 display : unable to connect