X11… Really?


Yeah, not exactly an exciting technology that’s making innovative progress in the cloud space. However, I needed to write an article to add to the many solutions posted to the interwebs-at-large regarding the inability to forward X11.

Why, you ask?

There are innumerable amounts of blog posts that detail the many, many error messages possible while trying to open an X11 based application over an ssh connection to a host with a misconfigured X11 client or server, but not many with the seemingly unrelated solution I put in place.

Here’s the problem, I just updated my Air to Mac OSX Yosemite and at about the same time, I rebuilt a test box I used as a DNS server so I had a few variables change at once. When I tried to connect to the box and run various X11 based applications over ssh, I got this:

$ ssh -Y [email protected]
[email protected]'s password: 
X11 forwarding request failed on channel 0
Last login: Sat Jun 27 17:49:16 2015 from 10.0.0.34
[[email protected] ~]$ virt-manager 
[[email protected] ~]$ 
** (virt-manager:16130): WARNING **: Could not open X display
Gtk couldn't be initialized

[[email protected] ~]$ 
[[email protected] ~]$ xterm 
xterm: Xt error: Can't open display: 
xterm: DISPLAY is not set
[[email protected] ~]$

Typical, right?

I thought so too… I then immediately blamed my Air and ran the gamut of Google searches with keywords like “x11 macos yosemite” and “xquartz yosemite” and found a few complaints about XQuartz 2.7.7 falling apart after an upgrade to Yosemite, solution being an upgrade to 2.7.8_rc1.

Nope… didn’t work.

Even some fancy stuff like:

Recreate ~/.Xauthority with a trusted key

xauth generate $DISPLAY . trusted

No

Fix the DISPLAY environment variable by adding this to ~/.bashrc

 

alias ssh="ln -fs $(echo $DISPLAY | sed 's:\(/private/tmp/com\.apple\.launchd\.[^/]*\)/.*:\1:') $(echo $DISPLAY | sed 's:/private/tmp/com\.apple\.launchd\.\([^/]*\)/.*:/private/tmp/launch-\1:'); ssh"

No

Ugh… After determining that the client side was then fine by trying a different box and running xterm (Yeah I know, I should have done this first :/) I focused on the new box as the problem. Again, Google, centos Can't open display and centos Gtk couldn't be initialized. Nothing out of the ordinary that wasn’t already setup.

Ensure xauth is installed

xhost + on the host and client

X11Forwarding yes

and

X11UseLocalhost no

in sshd_config

Bah…

So, I stepped back because it was getting annoying. I then decided to look for some error messages (Yeah I know, I also should have done this first :/). Hmmm, then I found this:

sshd[8763]: error: Can't get IP address for X11 DISPLAY

WTH, can’t get IP address… What?

The IP is in the environment variables sent along with the ssh connection…

Why can’t it “get” the IP address for the… Wait… The remote IP or the local IP?

Hmm… What about DNS, Oh yeah, no DNS any more…

What about the hosts file?:

[[email protected] ~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

facepalm…

I added an entry to /etc/hosts and I could once again forward X11 normally:

my-new-centos-host 10.0.0.10

I guess adding a DNS entry would have worked too :/