X-Tunnel

Aus crazylinux.de
Zur Navigation springen Zur Suche springen

How to enable X tunnels while changing user under UNIX

1 Scenario

Ever wanted to use X tunneling while you have logged in Unix box and made an su to another user. The typical error is

Xlib: connection to "host.domain.de:11.0" refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted
/usr/X/bin/xterm Xt error: Can't open display: host.domain.de:

2 Solution

So if you do need to lunch X app from present user on local machine, you have to add the authorized cookie into pre-sent user you're dealing with:

1. check the display no. where you switch from:

env |grep DISPLAY

2. query the xauth cookies by issuing:

xauth list

3. switch to the user you prefer:

sudo su - another_user

4. add extra authorized key at present user:

xauth add "extra entry queried from procedure #2"

3 Practice procedures

[jason@localhost jason]$ env | grep DISPLAY
DISPLAY=localhost:12.0

[jason@locahost jason]$ xauth list
localhost/unix:0 MIT-MAGIC-COOKIE-1 84654a48ba11956ccf7f54f01fa7d8d0
localhost.sinica.edu.tw:0 MIT-MAGIC-COOKIE-1 84654a48ba11956ccf7f54f01fa7d8d0
localhost/unix:15 MIT-MAGIC-COOKIE-1 411a9000746c56815b1afb9bfe60d236
localhost/unix:14 MIT-MAGIC-COOKIE-1 c6fe37c11291ebcffd94645b35d3c196
localhost/unix:13 MIT-MAGIC-COOKIE-1 283dcbd133a8db656f8e9dbb24561a53
localhost/unix:11 MIT-MAGIC-COOKIE-1 7c7b8247e565eba285b29524d7decdfc
localhost/unix:12 MIT-MAGIC-COOKIE-1 16054c424ae50b3189d4a9f1ddf00807
localhost/unix:10 MIT-MAGIC-COOKIE-1 39fa101fe29465f1cc0b50a11a24203d

[jason@localhost jason]$ sudo su - kevin
Password:

[kevin@localhost kevin]# xauth add localhost/unix:12 MIT-MAGIC-COOKIE-1 39fa101fe29465f1cc0b50a11a24203d
[kevin@localhost kevin]# xterm