James Hinchey wrote:
> I have an installation of Fedora Core 2 which is refusing remote X
> sessions. Even after setting "xhost +" on my local machine and
> setting the DISPLAY variable on the remote computer, I still get:
>
> Error: Cannot open display
>
>
> It may be a coincidence, but this seems to have started with the
> change to X.org. Any suggestions would be welcome

It's just coincident that the change of security and change over to xorg
happened on the same time. Sorry I don't use FC2, so I can't help you with
that, but you could try to check out the FC1/RH9 XFree86 setup to see the
difference in the setup of security.


//Aho

On Tue, 26 Oct 2004 16:54:25 +0200, J.O. Aho wrote:
> James Hinchey wrote:
>> I have an installation of Fedora Core 2 which is refusing remote X
>> sessions. Even after setting "xhost +" on my local machine and
>> setting the DISPLAY variable on the remote computer, I still get:
>>
>> Error: Cannot open display
>>
>>
>> It may be a coincidence, but this seems to have started with the
>> change to X.org. Any suggestions would be welcome
>
> It's just coincident that the change of security and change over to xorg
> happened on the same time. Sorry I don't use FC2, so I can't help you with
> that, but you could try to check out the FC1/RH9 XFree86 setup to see the
> difference in the setup of security.

These days it might be good practice to avoid the totally wide open "xhost
+"? It is really easy to set up ssh X tunneling. All it takes is setting
an X tunneling configuration parameter in each ssh(d) conf file. Works
great! It transparently tunnels the X traffic back to the user machine.

--
Juhan Leemet
Logicognosis, Inc.

I agree completely, but our system administrators refuse to set up
sshd. For some reason I can't comprehend they seem to think that ssh
is a security problem, but running rsh or telnet isn't. Ordinarily, I
would not use "xhost +", but rather use xhost with the specific remote
system name, but that doesn't work either so I tried the more general
approach.


Juhan Leemet wrote in message news:...
> On Tue, 26 Oct 2004 16:54:25 +0200, J.O. Aho wrote:
> > James Hinchey wrote:
> >> I have an installation of Fedora Core 2 which is refusing remote X
> >> sessions. Even after setting "xhost +" on my local machine and
> >> setting the DISPLAY variable on the remote computer, I still get:
> >>
> >> Error: Cannot open display
> >>
> >>
> >> It may be a coincidence, but this seems to have started with the
> >> change to X.org. Any suggestions would be welcome
> >
> > It's just coincident that the change of security and change over to xorg
> > happened on the same time. Sorry I don't use FC2, so I can't help you with
> > that, but you could try to check out the FC1/RH9 XFree86 setup to see the
> > difference in the setup of security.
>
> These days it might be good practice to avoid the totally wide open "xhost
> +"? It is really easy to set up ssh X tunneling. All it takes is setting
> an X tunneling configuration parameter in each ssh(d) conf file. Works
> great! It transparently tunnels the X traffic back to the user machine.

James Hinchey wrote:

> I agree completely, but our system administrators refuse to set up
> sshd. For some reason I can't comprehend they seem to think that ssh
> is a security problem, but running rsh or telnet isn't.

Wow, I am speechless- I haven't seen such clueless admins. Anyway xhost+ is
a security risk, you should consider using xauth. Here is a mini howto:

http://www.xs4all.nl/~zweije/xauth.html

Charles

Another thing to check is your xdm (or gdm or kdm - whichever you use)
config file (somewhere in /etc/ - depending on distro)

Modern distro's default *dm config files tend to start X with the
"-nolistentcp" option
(that's because nowadays majority of users eiter don't run remote X apps or
use ssh tunneling - with ssh tunneling X calls are done locally by sshd - so
server does not need to listen to remote connection).

If this is the case, and you don't have write perms to you xdm config file,
login at a text-mode linux console (CTRL+ALT+F1), and start a personal X
server manually:

~ $ X :1 &
This will start a new X instance on the next available vc - will also go to
graphics mode.
Go back to your console (CTRL+ALT+F1), and make sure you find out how to
switch to your new X & back. Usually X vc's start from F7, which is already
taken by XDM. Your new X would probably be in either CTRL+ALT+F8 or F9 (some
distros use F8 vc for logging, some don't).

Now you need to start some X apps and a WM
~ $ export DISPLAY=:1
~ $ xterm &
Switch back to your X, and you should see the new xterm. Use it to start
your favorite window-manager (wmaker, twm, etc. for using Gnome/KDE the
typical command names are startkde/startgnome/kde-session/gnome-session).
Also use it to do xhost + .


Note: Always make sure to set DISPLAY to the number of your new server (:1
in this example) before starting an X app. Another option is adding -display
:1 to the application's command-line. e.g.

mylogin@localhost ~$ xhost +
mylogin@localhost ~$ ssh remotehost
Password:
Welcome to RemoteHost
you have 1 new mail message
mylogin@remotehost ~$ xterm -display localhost:1 &

(note: this example uses direct X protocol - not ssh tunneling. Whatever you
type in the newly open xterm will pass plain on the network)


"J.O. Aho" wrote in message
news:2u76hvF26bfo2U1@uni-berlin.de...
> James Hinchey wrote:
> > I have an installation of Fedora Core 2 which is refusing remote X
> > sessions. Even after setting "xhost +" on my local machine and
> > setting the DISPLAY variable on the remote computer, I still get:
> >
> > Error: Cannot open display
> >
> >
> > It may be a coincidence, but this seems to have started with the
> > change to X.org. Any suggestions would be welcome
>
> It's just coincident that the change of security and change over to xorg
> happened on the same time. Sorry I don't use FC2, so I can't help you with
> that, but you could try to check out the FC1/RH9 XFree86 setup to see the
> difference in the setup of security.
>
>
> //Aho