Monday, June 22, 2015

How to extend X11 forwarding after SUDO?

Most of the time "ssh -X username@servername" works for X11 (display) forwarding via SSH protocol. However, when we need to sudo to any application user, X11 does not work from that point on. Here is a quick fix to that problem.
[/user/johnc] $ ssh -X server1
johnc@server1's password:
Warning: No xauth data; using fake authentication data for X11 forwarding.
Last login: Sat Jun 20 04:58:57 2015 from 10.68.76.230
[johnc@server1 ~]$
[johnc@server1 ~]$ xterm
[johnc@server1 ~]$ xauth list
server1/unix:10  MIT-MAGIC-COOKIE-1  [some output.....]


[johnc@server1 ~]$ sudo -u appuser -H -s
bash-4.1$ xauth add server1/unix:10  MIT-MAGIC-COOKIE-1   [some output.....] 
xauth:  creating new authority file /user/appuser/.Xauthority

bash-4.1$ id
uid=1002(appuser) gid=310(dba) groups=310(dba)

bash-4.1$ xterm
Now XTERM will open with out any problem!

No comments: