This shows you the differences between two versions of the page.
— |
x_over_ssh_with_sudo_su [2011/06/01 12:58] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== X over SSH with sudo/su ====== | ||
+ | X over SSH is a nice feature which allow the X traffic to be encrypted in the SSH tunnel.\\ | ||
+ | Executing su / sudo will although break the X traffic and result in a error\\ | ||
+ | |||
+ | X11 connection rejected because of wrong authentication.\\ | ||
+ | X connection to localhost:10.0 broken (explicit kill or server shutdown). | ||
+ | |||
+ | The problem is that the MIT-MAGIC-COOKIE not will survive sudo/su\\ | ||
+ | |||
+ | Here is a little trick to add the originating users MIT-MAGIC-COOKIE to the end user | ||
+ | |||
+ | # ssh -X <username>@<hostname> | ||
+ | # xauth list | ||
+ | Output similar to: | ||
+ | |||
+ | <hostname>/unix:<display> MIT-MAGIC-COOKIE-1 <unique MIT-MAGIC-COOKIE key> | ||
+ | |||
+ | |||
+ | Copy output from xauth list (whole line), then sudo / su | ||
+ | |||
+ | As new user: | ||
+ | |||
+ | # xauth add <the output of the above xauth list> | ||
+ | # export DISPLAY=<hostname>:<display> | ||
+ | |||
+ | Hostname & DISPLAY variable, which is also seen in the xauth list.\\ | ||
+ | You might skip the EXPORT DISPLAY command if the DISPLAY variable is already configured correct. |