Getting X11 forwarding through ssh working after running su in AIX

After logging to a remote server using the “ssh -X user@host” (assuming that you have enabled X11Forwarding in your “/etc/ssh/sshd_config” file, and then restarted ssh by issuing “stopsrc -g ssh” and then “startsrc -g ssh”), you can run any X-windows application you want ONLY WITH THE USER YOU USED TO LOGIN FROM THE BEGINNING. Whenever you switch your user using “su – username“, you won’t be able to run any graphical application due to the following two problems:

  1. The $DISPLAY variable value is lost
  2. X authentication is based on cookies — secret little pieces of random data that only you and the X server know… So, you need to let the other user know what your cookie is

To solve problem one, you can simply add this entry to your “/etc/profile”: “export DISPLAY=localhost:10.0”

To solve problem two, you’ll have to do the following after login to the server:

  1. run the command “xauth list” to request the cookie for the current DISPLAY that’s connecting to your X server, you’ll receive something like that: somehost.somedomain:10 mit-magic-cookie-1 4d22408a71a55b41ccd1657d377923ae
  2. Switch to the other user by issuing “su – username
  3. Copy the above response and paste it to produce this command “xauth add somehost.somedomain:10 mit-magic-cookie-1 4d22408a71a55b41ccd1657d377923ae
  4. Important Note: You’ll have to repeat the above steps every time you use ssh to login to a server.

Example Scenario (Commands are in bold):
ssh -X root@10.11.12.117
xauth list” Output -> “xyosd/unix:10 MIT-MAGIC-COOKIE-1 321c1d6b5bf22484395d0e05b0a29104”
su – ahmad
xauth add xyosd/unix:10 MIT-MAGIC-COOKIE-1 321c1d6b5bf22484395d0e05b0a29104

Article Resources: “http://www.debian-administration.org/articles/494”

About SoCRaT

Software Engineer, OSS & Linux Geek
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s