Xforwarding doesn't allow for switching users
I'm ssh'd into a remote computer and xforwarding is working fine... but as soon as I "sudo su -" or "sudo su user2" it no longer Xforwards anything giving me the error:
X11 connection rejected because of wrong authentication.
xterm Xt error: Can't open display: localhost:10.0
Any Ideas?
Thanks
- Enable X-11 Forwarding in your client
- Log in as your normal user
-
echo $DISPLAYto get the associated display -
xauth list, find the display number which corresponds with what you found in #3 and copy it - Sudo to root
xauth add <paste in what you copied from #4> - Now you can execute commands as root and will be able to se the X11 Forwarding connection
Before you sudo, do this:
$ xauth extract /tmp/xauthstuff $DISPLAY
After you sudo, do this:
# xauth merge /tmp/xauthstuff
Does this work for you?
PS remember to rm /tmp/xauthstuff afterwards
I don't have access to root account to do any of the above, so here is a work around that I used.
First, ssh to your account like you normally do and test everything is working.
ssh -Y <you>@<your_server>
I usually just fire up an XTerm to ensure I have connectivity. If all good, copy .XAuthority file that is in <you> home directory and put it in a public directory.
cp ~/.Xauthority /tmp/tempXAuth
Make sure you chmod 777 on that file in the public directory so that the sudo account can use it in the later step.
chmod 777 /tmp/tempXAuth
now sudo to the user you need to do work as
sudo su - <other_user>
once you are <other_user>, back up the existing .Xauthority and then copy the "good" one over.
cp ~/.Xauthority ~/.Xauthority.bak
cp /tmp/tempXAuth ~/.Xauthority
you should be able to run any X programs and have them authenticate with your current XServer session.