[lug] Newbie X-window questions

Tkil tkil at scrye.com
Wed May 9 14:22:54 MDT 2001 

>>>>> "Glenn" == Glenn Murray <gmurray at Mines.EDU> writes:

Glenn> Also, I hadn't thought about VNC, there's even a Debian package
Glenn> for it.  What happens when you run connect to a machine with a
Glenn> VNC server which is not at the moment, running X?

VNC servers are X servers, as someone else has already pointed out.

Glenn> More fundamentally, though, I'd like at this point to get even
Glenn> one window open using "host-based authentication".  To avoid
Glenn> the "local/remote" confusion, say I have a Linux box "mine"
Glenn> which I am sitting at, and there is a Linux box "hers" running
Glenn> on the local net, on which I have an account.  I can ssh to
Glenn> hers, and then

Glenn> hers$ xhost +mine
Glenn> xhost:  unable to open display ""

Glenn> Does X need to be running on hers already?  Can I start it?

Glenn> Don't I have to export some DISPLAY variable?

Glenn> What do I type at mine$ to get a window on hers?

In this case, you are trying to run an X client (either on "mine" or
"hers") to display on the X server "hers".  So, yes, X has to be
running on "hers" already, otherwise there's no server to connect to!
You could run it as you, but if you don't have permissions on the
console, it probably won't get very far.

If X is running on her machine, you'll have to tell *that* X server to
allow connects from the user+machine running the client.  "xhost" just
talks to the x server, so if you can't connect in the first place,
you're probably out of luck.

Most default X installations require cookie-based authentication.
This means that X clients need to be able to get a valid cookie, which
they do (through xlib) by reading ~/.Xauthority.  Since you can't read
hers, and you don't have it stored in your own .Xauthority, you can't
connect to her X server.  That's pretty much the end of the story.

Note that even "xhost" is just another X client, in that it has to
connect to the X server to change its state.  Since it can't connect
in the first place, you're out of luck.

Short answer: current typical X installs are designed to make it
difficult for people to connect clients to the X server.  This is the
more secure route, and is the right choice for typical installs.

You might be able to play around a little by temporarily having her
turn off cookie authentication and letting in your host (e.g. have her
execute "xhost +mine" against the hers:0 X server).  This should let
you in.

The man pages for 'xauth' and 'xhost' should have more information.  I
know that the terminology is a bit squirrelly, but it makes sense so
long as you're thinking at the X level.

Good luck,
t.

More information about the LUG mailing list