just one preliminary question:
You have verified that every sshd on the way has X Forwarding enabled? And
restarted it afterwards, eventually?
Ah, well, and another question:
Have you started sshd and ssh in very verbose mode (-vvv) and looked into
the logs? Many things in verbose mode are completely alien wording, but
sometimes one can get a hint.
I have not tried using X forwarding on such a double ssh route myself, but
I have configured something similar some months ago for someone else to
use.
What I did, was:
On the first part of the way (that is freya to hal, isn't it?) I used
public key authentication, and in authorized_keys I added
"command=/path/to/ssh -X -l USER ririu" before the key. That makes the
shell on hal open up the second part of the way on its own - you hop right
through hal from freya to ririu. And you are restricted to exactly that
command in the shell on hal, you can do nothing else.
My first server was HPUX, the second some Linux (don't know the distro,
presumably RedHat), and I remember I had to fiddle around with the syntax,
but it worked in the end including X forwarding (according to the guy who
had to use it).
By the way, the above syntax is right away off my head - don't trust it
down to the single sign.
Regards,
Dirk
--On 30. September 2008 13:21:14 +0200 Malte Horst Arthur Skoruppa
<malte (at) countnumber (dot) de [email concealed]> wrote:
> Hi all,
>
> I'm having a problem setting up an SSH connection with X Forwarding in a
> very special setup, and hope you will be able to help me.
>
> The setup is as follows: I live in a student residence and have a
> computer there named ririu. This computer isn't reachable from the
> outside, as the university's computer center blocks all ingoing
> connections to the residence from the outside. The only reachable
> computer from the outside is our server in the residence, hal, for which
> the computer center makes an exception.
>
> I'm now at my parent's place and want to build up an SSH connection with
> X Forwarding from my computer here, freya, to ririu, my computer in the
> residence. As hal is in the same LAN as ririu, obviously I can connect
> from freya to hal, and then from hal to ririu.
>
> So I can also log in to hal and do a
>
> malte@hal $ ssh -g -L 2508:ririu:22 malte@ririu
>
> to build up an SSH tunnel. Then I can connect from freya to ririu using
>
> malte@freya $ ssh -p 2508 malte@hal
>
> This works like a charm. However, now I also want to have X Forwarding ;)
>
> So I tried to specify -X as an additional parameter.
>
> malte@freya $ ssh -p 2508 -X malte@hal
>
> I do succeed in connecting to ririu. Except that the X forwarding doesn't
> work!
>
> malte@ririu $ firefox
> Error: no display specified
> malte@ririu $ echo $DISPLAY
>
> malte@ririu $
>
> An X Forwarding to hal works flawlessly:
>
> malte@freya:~$ ssh -X malte@hal
> malte@hal $ echo $DISPLAY
> localhost:11.0
>
> ...I can start X applications on hal and they are displayed on freya. But
> as you see, when I try to this from freya through an SSH tunnel from hal
> to ririu, the DISPLAY variable somehow gets lost. It doesn't help to
> randomly set the DISPLAY variable on ririu to localhost:11.0 or
> localhost:10.0 either, which I tried in desperation.
>
> I hope I made it clear what the problem is, otherwise just ask :)
> Do you have any idea why this isn't working? I would have assumed that
> ssh doesn't even notice it's running through an SSH tunnel and that this
> should hence work without problems. But it doesn't... so, is there any
> way for me to build up an ssh connection with X forwarding from freya to
> ririu at all?
>
> Thanks for your help :)
--------------------------------------------------------------
Dirk H. Schulz
IT Systems Service
Wiesenweg 12, 85567 Grafing
Tel. 0 80 92/86 25 68
Fax. 0 80 92/86 25 72
--------------------------------------------------------------
Technik vom Feinsten - und das nötige Tuning
just one preliminary question:
You have verified that every sshd on the way has X Forwarding enabled? And
restarted it afterwards, eventually?
Ah, well, and another question:
Have you started sshd and ssh in very verbose mode (-vvv) and looked into
the logs? Many things in verbose mode are completely alien wording, but
sometimes one can get a hint.
I have not tried using X forwarding on such a double ssh route myself, but
I have configured something similar some months ago for someone else to
use.
What I did, was:
On the first part of the way (that is freya to hal, isn't it?) I used
public key authentication, and in authorized_keys I added
"command=/path/to/ssh -X -l USER ririu" before the key. That makes the
shell on hal open up the second part of the way on its own - you hop right
through hal from freya to ririu. And you are restricted to exactly that
command in the shell on hal, you can do nothing else.
My first server was HPUX, the second some Linux (don't know the distro,
presumably RedHat), and I remember I had to fiddle around with the syntax,
but it worked in the end including X forwarding (according to the guy who
had to use it).
By the way, the above syntax is right away off my head - don't trust it
down to the single sign.
Regards,
Dirk
--On 30. September 2008 13:21:14 +0200 Malte Horst Arthur Skoruppa
<malte (at) countnumber (dot) de [email concealed]> wrote:
> Hi all,
>
> I'm having a problem setting up an SSH connection with X Forwarding in a
> very special setup, and hope you will be able to help me.
>
> The setup is as follows: I live in a student residence and have a
> computer there named ririu. This computer isn't reachable from the
> outside, as the university's computer center blocks all ingoing
> connections to the residence from the outside. The only reachable
> computer from the outside is our server in the residence, hal, for which
> the computer center makes an exception.
>
> I'm now at my parent's place and want to build up an SSH connection with
> X Forwarding from my computer here, freya, to ririu, my computer in the
> residence. As hal is in the same LAN as ririu, obviously I can connect
> from freya to hal, and then from hal to ririu.
>
> So I can also log in to hal and do a
>
> malte@hal $ ssh -g -L 2508:ririu:22 malte@ririu
>
> to build up an SSH tunnel. Then I can connect from freya to ririu using
>
> malte@freya $ ssh -p 2508 malte@hal
>
> This works like a charm. However, now I also want to have X Forwarding ;)
>
> So I tried to specify -X as an additional parameter.
>
> malte@freya $ ssh -p 2508 -X malte@hal
>
> I do succeed in connecting to ririu. Except that the X forwarding doesn't
> work!
>
> malte@ririu $ firefox
> Error: no display specified
> malte@ririu $ echo $DISPLAY
>
> malte@ririu $
>
> An X Forwarding to hal works flawlessly:
>
> malte@freya:~$ ssh -X malte@hal
> malte@hal $ echo $DISPLAY
> localhost:11.0
>
> ...I can start X applications on hal and they are displayed on freya. But
> as you see, when I try to this from freya through an SSH tunnel from hal
> to ririu, the DISPLAY variable somehow gets lost. It doesn't help to
> randomly set the DISPLAY variable on ririu to localhost:11.0 or
> localhost:10.0 either, which I tried in desperation.
>
> I hope I made it clear what the problem is, otherwise just ask :)
> Do you have any idea why this isn't working? I would have assumed that
> ssh doesn't even notice it's running through an SSH tunnel and that this
> should hence work without problems. But it doesn't... so, is there any
> way for me to build up an ssh connection with X forwarding from freya to
> ririu at all?
>
> Thanks for your help :)
--------------------------------------------------------------
Dirk H. Schulz
IT Systems Service
Wiesenweg 12, 85567 Grafing
Tel. 0 80 92/86 25 68
Fax. 0 80 92/86 25 72
--------------------------------------------------------------
Technik vom Feinsten - und das nötige Tuning
[ reply ]