# Xorg and port 6000 ?



## nali (Jul 31, 2016)

Hello.

I've been using FreeBSD for years, but have a problem now.
Yes, I've been playing Quake 3 with my Voodoo 3 on gcu-squad  thousand years ago 

I usually use a laptop and have a second computer running Mint or FreeBSD, so it's very useful for me to use x2x. The network works of course, the DHCP server also.

For those who don't know x2x, it's a wonderful toy to share mouse/keyboard.
`x2x -west  -to $IP`

x11-servers/x2x or `pkg install`.

There's also x11-servers/x2vnc, useful for Windows, but it's a pain and really slow
Unless you enjoy 100% Cpu for just a display ..


When I boot on Linux, I can use x2x.
Just modified /etc/X11/xinit/xserverrc and remove the -nolisten tcp option.

nmap on the Linux gives :

```
PORT  STATE SERVICE
22/tcp  open  ssh
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
6000/tcp open  X11
```


When boot on FreeBSD :

```
PORT  STATE SERVICE
22/tcp open  ssh
```

So 6000 is open.
I know this may look insecure, but for a private network, who really cares 


Of course I created a /usr/local/etc/X11/xinit/xserverrc.

```
#!/bin/sh
exec /usr/local/bin/X "$@"  <-- notice I removed the [FILE]-nolisten tcp[/FILE].
```



```
[phil@athlon ~]$ nmap localhost

Starting Nmap 7.12 ( https://nmap.org ) at 2016-07-30 22:49 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 998 closed ports
PORT  STATE SERVICE
22/tcp open  ssh
25/tcp open  smtp
```

So it's not a pf(4) problem on this box ...

Any idea ?
Thanks.


Log from /var/log/Xorg.0.log says it uses /etc/xorg/xorg.conf.

```
#Using config file: "/etc/X11/xorg.conf"
```
I use slim as

So I have no idea how to open the port.
Any help would be useful, of course.


----------



## nali (Jul 31, 2016)

Oops....
Slim as graphical login.
It is awful, but we have no choice.


----------



## surv (Jul 31, 2016)

add
`-listen tcp`
(now Xorg uses `-nolisten tcp` by default)


----------



## junovitch@ (Aug 6, 2016)

The listening on port 6000 by default went away in Xorg 1.17.  See PR 203826 for some other folks that were impacted.


----------



## Oko (Aug 6, 2016)

What you are trying to do is really bad idea. You can use `ssh -Y` to run graphical client on the remote machine. If you need a full desktop Linux supports X2Go server which is based on NX X libraries (NX X server and clients are now fully closed source). FreeBSD has X2Go in ports. It suffer from root exploits (typically for Linux) but hey you said the security is not really important to you


----------



## Murph (Aug 6, 2016)

Oko said:


> What you are trying to do is really bad idea. You can use `ssh -Y` to run graphical client on the remote machine. If you need a full desktop Linux supports X2Go server which is based on NX X libraries (NX X server and clients are now fully closed source). FreeBSD has X2Go in ports. It suffer from root exploits (typically for Linux) but hey you said the security is not really important to you



Traditional X11 via 6000–6063/tcp is still a perfectly valid approach on a private network, combined with xauth(1) (try to avoid xhost(1), which really is a bit insecure).  See also Xsecurity(7).  
MIT-MAGIC-COOKIE-1 isn't anything like a strong as ssh(1), but quite adequate for many use cases over private networks.   It is only a generally bad idea to expose 6000 to untrusted networks, and can be a perfectly reasonable idea in other cases, as long as you take the time to consider the risks.


----------



## nali (Aug 7, 2016)

Thanks !
It's so simple in fact ...
And sorry to be late, I forgot to activate notifications by mail ...

I'm aware it's a big security hole, but  in my case, the FreeBSD computer is just connected to my laptop via a straight network cable, there's a firewall on the wifi router and my Linux laptop also has a firewall.
Both are on my desktop and it's just to avoid to use a second  keyboard/mouse, because I'm lazy .
So, who cares security here ...


----------

