Re: What does "X11UseLocalhost no" do?



per@xxxxxxxxxxxx (Per Hedeland) writes:

In article <4TTxh.16606$ji1.12988@xxxxxxxxxxxxxxxxxxxxxxxxxx> Neil W
Rickert <phishing@xxxxxxxxxx> writes:
Randy Yates <yates@xxxxxxxx> writes:
Neil W Rickert <phishing@xxxxxxxxxx> writes:

$ xterm
X11 connection rejected because of wrong authentication.
X connection to localhost:10.0 broken (explicit kill or server shutdown).

Checking "netstat" output should help. You should see a listener
on port 6010 for your DISPLAY value.

[dc_admin@uspsdata ~]$ netstat -an
netstat: kvm not available
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 200.46.204.173.6010 *.* LISTEN

Weird. Have you tried setting $DISPLAY to "200.46.204.173:10"?

Or does "localhost" resolve to "200.46.204.173" when you do an IP
address lookup on your system? Or were you using "X11UseLocalhost
no" when you did that "netstat"?

I believe the above is an effect of what Randy mentioned earlier:

However, host.dst is the host at my ISP where he runs "virtual
machines" under bsd. Could it be that this virtual machine is
causing the problem?

At least for FreeBSD's 'jail' functionality, the jail(2) man page
(http://www.freebsd.org/cgi/man.cgi?query=jail&sektion=2) says:

All IP activity will be forced to happen to/from the IP number
specified, which should be an alias on one of the network interfaces.

I.e. it can be expected (I haven't verified this) that an attempt to
bind() a socket to any other specific address (including 127.0.0.1,
which would "belong" to the jail-hosting host) is transformed into a
bind() to the jail-specific address. It could possibly also explain the
failure of the connection - as I read the above, an attempt to connect
to 127.0.0.1 should proceed with the destination address unchanged, but
with the source address transformed to the jail-specific address.

Hi Per,

Yes, I suspect you've hit the nail on the head.

Such a connection should definitely fail, and possibly not with the
"Connection refused" that would be expected on a "normal" host where
nothing was listening on a matching address/port - I can't see how it
could get as far as attempting authentication though, but maybe that's
just lack of precision in the error message from Xlib.

What happens if the jail-specific address was abc.def.ghi.jkl.6010 while
sshd was listening on localhost.6010?

As an aside, calling a FreeBSD 'jail' a "virtual machine" is probably an
exaggeration - it's more like chroot on steroids. But most users of such
an ISP service are probably just interested in running a server or two
plus doing the up/downloads that may be needed in conjunction with that,
and for this it is a good match.

You obviously know a lot more about this than me. I just have the
faintest notion that things are somehow "virtualized" and have
never had to be concerned about it until now.

Thanks much for shedding light, Per.
--
% Randy Yates % "Bird, on the wing,
%% Fuquay-Varina, NC % goes floating by
%%% 919-577-9882 % but there's a teardrop in his eye..."
%%%% <yates@xxxxxxxx> % 'One Summer Dream', *Face The Music*, ELO
http://home.earthlink.net/~yatescr
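
Added example, not part of the original post: the netstat check suggested in the thread, automated in Python. It maps a DISPLAY value to its TCP port and reports whether the listener on that port is bound to an address the DISPLAY host can reach; the sample text is constructed from the listener line quoted above plus one invented line, and all function names are this example's own.

```python
import ipaddress
import re

# Constructed sample: the first listener line is the one quoted in the thread,
# the second listener is invented for contrast.
SAMPLE_NETSTAT = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 200.46.204.173.6010 *.* LISTEN
tcp4 0 0 127.0.0.1.6011 *.* LISTEN
"""

def display_port(display):
    """Map a TCP-style X11 DISPLAY such as 'localhost:10.0' to (host, port)."""
    m = re.fullmatch(r"([^:]+):(\d+)(?:\.\d+)?", display)
    if not m:
        raise ValueError("not a TCP-style DISPLAY: %r" % display)
    return m.group(1), 6000 + int(m.group(2))

def listeners(netstat_text, port):
    """Local addresses of LISTEN sockets on `port` (BSD 'addr.port' notation)."""
    found = []
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 6 or not cols[0].startswith("tcp") or cols[-1] != "LISTEN":
            continue
        addr, _, p = cols[3].rpartition(".")
        if p == str(port):
            found.append(addr)
    return found

def check_display(display, netstat_text):
    """Return (verdict, port, listener addresses) for the given DISPLAY."""
    host, port = display_port(display)
    addrs = listeners(netstat_text, port)
    if not addrs:
        return "no-listener", port, addrs
    # Assumption: 'localhost' resolves to a loopback address on this system.
    want_loopback = host in ("localhost", "127.0.0.1")
    for a in addrs:
        if a == "*" or a == host or (
                want_loopback and ipaddress.ip_address(a).is_loopback):
            return "ok", port, addrs
    return "address-mismatch", port, addrs

if __name__ == "__main__":
    for d in ("localhost:10.0", "200.46.204.173:10", "localhost:11.0"):
        print(d, check_display(d, SAMPLE_NETSTAT))
```

An "address-mismatch" verdict for localhost:10.0 corresponds to the situation in the thread, where the X11 forwarding listener ended up on the jail's address instead of 127.0.0.1.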