# ssh with X11 Forwarding in Jail



## kaivai (Jan 28, 2015)

Hey guys,

I'm having a difficult time getting ssh with X11 working from a headless (laptop without X running) FreeBSD jail to a Linux laptop (with xorg-server running). I have read a few mailing list posts/blogs that seem to indicate that this is possible although I confess that this is the first time I have tried this on a BSD box, or a headless pc. I should probably mention that I'm connecting from a Linux based laptop, and I've been able to make successful X11 forwarded connections to another Linux box using these settings. Would xorg-server versions need to be the same for this type of transaction?

The main issue seems to be:

```
xterm: Xt error: Can't open display: velma:10.0
```
I have tried:
* Deleted .Xauthority on both client and host
* tried connecting with actual IP @192.168.1.208 instead of @velma
* restarting sshd
* X11UseLocalhost yes/no

/etc/ssh/sshd_config

```
AllowTcpForwarding yes
X11Forwarding        yes
X11DisplayOffset     10
X11UseLocalhost      no
```

/etc/rc.conf

```
# internet connections working in/out, but to rule it
# out I thought I'd post this file as well
jail_velma_hostname="velma"
jail_velma_rootdir="/usr/home/j/velma"
jail_velma_devfs_enable="yes"
jail_velma_ip="192.168.1.208"
ifconfig_bfe0_alias6="inet 192.168.1.208/24"
```


`ssh -vvv -AY -p 8704 will@velma xterm`

```
# host velma's ip obtained through /etc/hosts file

Authenticated to velma ([192.168.1.208]:8704).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: x11_get_proto: /usr/bin/xauth  list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 1
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug1: Sending command: xterm
debug2: channel 0: request exec confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: X11 forwarding request accepted on channel 0
debug2: channel 0: rcvd adjust 65536
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd ext data 48
xterm: Xt error: Can't open display: velma:10.0
debug2: channel 0: written 48 to efd 6
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

Transferred: sent 2912, received 2412 bytes, in 75.4 seconds
Bytes per second: sent 38.6, received 32.0
debug1: Exit status 1
```

`ssh -AY -p 8704 will@velma env`

```
SHELL=/usr/local/bin/bash
TERM=su
SSH_CLIENT=192.168.1.114 57561 8704
USER=will
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/home/will/bin
MAIL=/var/mail/will
BLOCKSIZE=K
PWD=/s/home/will
SHLVL=1
HOME=/home/will
LOGNAME=will
SSH_CONNECTION=192.168.1.114 57561 192.168.1.208 8704
DISPLAY=velma:10.0
_=/usr/bin/env
```

Any chance any of you might see something I've done incorrectly? Or any debugging suggestions?


----------



## vejnovic (Feb 2, 2015)

You can try sysutils/cbsd. With him you can install and run X server inside a jail.


----------



## kaivai (Feb 5, 2015)

Wow, I'm not feeling very smart, I guess I would need to have X running to forward it over SSH. CBSD looks great, I'm really excited! When using X11vnc didn't work with the program I wanted, I more or less gave up. I'll check back in with results once I get it all set up. Thanks a lot guys!


----------

