What is the FULL TUTORIAL to set up X11 forwarding with the last CentOS CLEAN install?

ssh centos6 x11-forwarding
TLeM4 picture TLeM4 · May 10, 2014 · Viewed 10.9k times · Source

Is anyone can give to me the FULL process to set up X11 forwarding from a CentOS fresh and clean install on a dedicated server ? So, i have access to the server only by ssh

The problem is simple : i already tried i think all solution i find in google to make X11 forwarding working :

set in /etc/ssh/sshd_config

X11Forwarding yes

and

X11UseLocalhost no or X11UseLocalhost yes

and

XAuthLocation /usr/bin/xauth (and xauth is in this path)

and

AddressFamily inet or AddressFamily any

restarting sshd after each write with /etc/init.d/sshd restart (and it tell to me it stop and start)

i tried to install many and many things (restarting sshd after each install) like :

yum groupinstall 'X Window System' (it works well)

xorg-x11-utils (it works)

xorg-x11-fonts-* (it works)

xorg-x11-xauth (already installed)

yum install xorg-x11-xauth.x86_64 (it works)

when i try "strings /usr/sbin/sshd |grep xauth" i got :

/usr/bin/xauth
xauthlocation
maxauthtries
No xauth program; cannot forward with spoofing.

but /usr/bin/xauth give me :

Using authority file /root/.Xauthority
xauth>

so xauth is in the right place...

i tried all ssh option -X, -x, -Y -XY.... nothing worked.

i tried to set display myself, but nothing worked :

DISPLAY is not set, Can't open display and other errors like that.

And just after ssh login $DISPLAY is empty, always.

And i'm not sure that i have not forget some solution i have already tried...

Anyone to help me to get X11 forwarding working ?

I have CentOS release 6.5 (Final) and my hoster is OVH

PS : sorry for my bad english

Answer

hitjim picture hitjim · Aug 5, 2014

I encountered this same issue, due to an ~/.Xauthority file not being generated for new users upon connecting via ssh. I'd made all appropriate changes to /etc/ssh/sshd_config and /etc/ssh/ssh_config and reset the service via

/etc/init.d/sshd restart

But I never had any luck until I changed my SELinux settings after finding this - ssh X11 forwarding won't work

Of course, you only want to implement changes to SELinux if it's acceptable for your use case. But for me, setting SELinux to permissive with

setenforce 0

and setting the following in /etc/selinux/config - so that this change persisted after reboot

SELINUX=permissive

I would like to emphasize that my situation is a non-critical operation within a (hopefully!) securely-managed intranet. I would NOT suggest turning off SELinux at work, or at home if you're hoping to open ports or configure VPN for your home network. Please consider: http://securityblog.org/2006/05/21/software-not-working-disable-selinux/

Related questions

SSHD Gives error could not open Authorized Keys, although permissions seem correct

I'm unable to login to SSH because of the following error in /var/log/secure (according to the debug logs): Dec 19 18:01:05 hostname sshd[25119]: debug1: trying public key file /root/.ssh/authorized_keys Dec 19 18:01:05 hostname sshd[25119]: debug1: Could not open authorized …

Read More
MySQL Workbench (version 6.0.8) SSH Authentication Issue

I am trying to connection to a MySQL server on Host X through machine Y over SSH. The same setup (but older version of MySQL workbench) works on my another box (CentOS 6.3). However, the same setup doesn't work on my …

Read More
FIPS integrity verification test failed when iniating SSH session

I recently enabled the FIPS module under CentOS 6 (minimum install). Module is confirmed working: cat /proc/sys/crypto/fips_enabled yields 1 openssl md5 somefile(fails) and openssl sha1 somefile(succeeds). openssl version yields OpenSSL 1.0.1e-fips 11 Feb 2013 When I attempt to …

Read More