X forwarding after loged in user becomes root
My Question:
We use our personal SSH key to remote login to linux hosts. Then we use sudo -i (or -s) to become root. But when in root “mode” we need to forward the X session.
How can I get this to work??
All Comments (6)
Hello,
Thank you for reaching out to Devolutions Support.
I attempted to reproduce the issue on my end, and even after switching to root, X forwarding continues to work as expected.
Could you please clarify whether X forwarding works before switching to root, or if it doesn't work at all on your side?
- If X forwarding does not work at all, please refer to the following documentation for setup instructions.
- If X forwarding only stops working after switching to root, please review the final section of the documentation for specific guidance.
https://docs.devolutions.net/rdm/kb/how-to-articles/X11-forwarding/
Best regards,
Carl Marien
Hi,
Yes Xforwarding works with the first login. I then followed this part from the documentation:
X11 forwarding issues when using su
From the original SSH user, enter xauth list - /tmp/xauthcookies.
Switch to the new user.
Enter xauth merge /tmp/xauthcookies.
But the commands do not work..
xauth list - /tmp/xauthcookies returns:
xauth: (argv):1: bad display name "-" in "list" command
xauth: (argv):1: bad display name "/tmp/xauthcookies" in "list" command
I assume the out put of xauth needs to be in file /tmp/xauthcookies
so I did xauth list > /tmp/xauthcookies and the file contents looks like this:
unix:12 MIT-MAGIC-COOKIE-1 db0d45db0e7b28c74e1a1b121639da38
unix:13 MIT-MAGIC-COOKIE-1 ba5c9933ff08ae090bd1237e1f048969
unix:11 MIT-MAGIC-COOKIE-1 de9e2556b308e208b7d012d578e44d95
unix:10 MIT-MAGIC-COOKIE-1 2f5586b54ba66d502a34a0a611248b54
Then I become root with sudo -s
xauth merge /tmp/xauthcookies
returns:
xauth: (argv):1: unable to read any entries from file "/tmp/xauthcookies"
For some reason I'm unable to merge the file
Hello,
Would it be possible for you to connect to the session using PuTTY and see if you can reproduce the issue?
Best regards,
Carl Marien
Hi Carl,
This is what I do on PuTTY (and DRM) that does work.
As normal user:
echo $DISPLAY
xauth list
Thern become root
sudo -s
xauth add {de resonse van xauth list}
export DISPLAY= {de response van echo $DISPLAY}
run Xterm
So this will work, but is not workable to do everytime I log in to a server.
I have to add the way I connect to these hosts.
First I setup an SSH Tunnel
Then I create an SSH connect using the SOCKS5 proxy.
maybe that is the problem..
Hello,
Thank you for your patience.
I’m still unable to reproduce the issue, even when using an SSH tunnel.
At this point, I believe a remote session would be the best way forward. I will send you a link for the session via email so that we can investigate the issue together.
Best regards,
Carl Marien