Hi, thanks to: Scott M. Sorrentino <scott@kill-hup.com> Pavic, Aleksander <Aleksander.Pavic@telekom.de> Perrier Kent <Kent.Perrier@HCAhealthcare.com> Toens Bueker <toens.bueker@e-trend.de> Kevin Enslow <enslow@comcast.net> and especially to Casper Dik <casper@holland.sun.com> for their fast and good answers! The solution is basically simple, Casper explained it as follows (Very good explanation, so I include the message herein): =========================/snip/================================= Yes, you need to do one of two things: copy the X authentication cookie to the other user's $XAUTHORITY file set $XAUTHORITY to the orginal user's ~/.Xauthority note that the latter will only work if the other user can read the file; generally that is not the case; only for root and then only if the home directory is not on NFS ==========================/snap/================================== Some others suggested to use "sudo" or "su -c", which also works. I think I'll have to do a little scripting work to automate Casper's solution (Unfortunately, we're using NFS for the home-dirs - so, getting the .Xauthority file copied to the new users home-dir was a little bit complicated, :-)) But, finally I got it working, thanks to all on the list for reading, and for the good, fast and reliable answers! Have a nice hackin', Harald On Fri, 2004-01-30 at 10:22, Harald Husemann wrote: > Hi folks, > > I use ssh to connect our servers, 'cause it's more secure than telnet. I > can start X-applications on the server, with the output forwarded over > the ssh-tunnel to the X-server running on my client. > It works perfectly well, but unfortunately, when I use "su" to become > root or any other user, the tunnel gets broken. > The error-message is: > ==================/snip/==================================== > X11 connection rejected because of wrong authentication. > X connection to xxx:10.0 broken (explicit kill or server shutdown). > =====================/snap/================================= > > Hm... At the moment, I allow direct root-login via ssh, but first of > all, this is a bit insecure, and it does not solve the problem of > starting X-applications as other users, since often I don't know their > passwords (of course). > > So, the main question is: > > Is there a way to "inherit" the X11-tunnel to a subshell?? > > Thanks, > > will summarize, > > Harald -- ============================================ Harald Husemann Systems Engineer Teammanager Unix administration and Configuration Management Materna Gmbh - Vo_kuhle 37 - D-44141 Dortmund, Germany Phone: +49-231-5599-8684 _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Fri Jan 30 08:23:57 2004
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:26 EST