| | 17 | = X11 forwarding with PuTTY = |
| | 18 | * 以下の手順はセキュリティを弱めることで問題に対応しているので、内容を理解して行うこと |
| | 19 | * [http://vega.sra-tohoku.co.jp/~kabe/vsd/ssh-x.html Forwarding X11 using ssh on modern desktop] |
| | 20 | > localのXサーバの -nolisten tcp オプションを外す (snip) local機の 6000番ポートにつなげられる人がちょっかい出せるようになるので、 おすすめされていない。 (xauthが有効な限りDoS以外の害はなさそうだが) |
| | 21 | |
| | 22 | == Could not connect: Connection refused == |
| | 23 | * $ virt-manager |
| | 24 | {{{ |
| | 25 | PuTTY X11 proxy: unable to connect to forwarded X server: Network error: Connection refused |
| | 26 | Unable to init server: Could not connect: Connection refused |
| | 27 | }}} |
| | 28 | * $ echo $DISPLAY |
| | 29 | {{{ |
| | 30 | localhost:10.0 |
| | 31 | }}} |
| | 32 | * $ sudo netstat -nap | grep 6010 |
| | 33 | {{{ |
| | 34 | tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 6568/sshd: mitty@pt |
| | 35 | tcp6 0 0 ::1:6010 :::* LISTEN 6568/sshd: mitty@pt |
| | 36 | }}} |
| | 37 | * puttylog |
| | 38 | {{{ |
| | 39 | Event Log: Requesting X11 forwarding |
| | 40 | Event Log: Requesting OpenSSH-style agent forwarding |
| | 41 | Event Log: X11 forwarding enabled |
| | 42 | }}} |
| | 43 | {{{ |
| | 44 | Event Log: Received X11 connect request from ::1:56944 |
| | 45 | Event Log: Opened X11 forward channel |
| | 46 | Event Log: Forwarded X11 connection terminated due to local error: Network error: Connection refused |
| | 47 | }}} |
| | 48 | |
| | 49 | * C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin-X\XWin Server.lnk |
| | 50 | {{{ |
| | 51 | C:\cygwin64\bin\run.exe --quote /usr/bin/bash.exe -l -c "cd; /usr/bin/startxwin" |
| | 52 | }}} |
| | 53 | * startxwinをデフォルトのまま用いると、6000/tcpでListenしなくなる |
| | 54 | * D:\>netstat -nao | grep 7688 |
| | 55 | {{{ |
| | 56 | TCP 127.0.0.1:53045 0.0.0.0:0 LISTENING 7688 |
| | 57 | }}} |
| | 58 | * D:\>netstat -nao | grep 6556 |
| | 59 | {{{ |
| | 60 | TCP 127.0.0.1:53447 0.0.0.0:0 LISTENING 6556 |
| | 61 | }}} |
| | 62 | |
| | 63 | * http://x.cygwin.com/docs/man1/startxwin.1.html |
| | 64 | > By default startxwin passes '-nolisten tcp' to the server, the special server option '-listen' can be used to stop startxwin from doing this. |
| | 65 | * 実際には{{{-listen tcp}}}とする必要がある → http://x.cygwin.com/docs/man1/Xserver.1.html |
| | 66 | * [http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-xserver-nolisten-tcp-default Cygwin/X Frequently Asked Questions] 3.13. I upgraded and now X clients can't connect |
| | 67 | * [https://bbs.archlinux.org/viewtopic.php?id=193953 (SOLVED) X Server not accepting remote connections after update / Newbie Corner / Arch Linux Forums] |
| | 68 | * [http://unix.stackexchange.com/questions/202043/putty-cygwinx-and-x11-forwarding-connection-refused linux - PuTTY, CygwinX, and X11 forwarding connection refused - Unix & Linux Stack Exchange] |
| | 69 | > {{{ |
| | 70 | > C:\cygwin64\bin\run.exe --quote /usr/bin/bash.exe -l -c "cd; /usr/bin/startxwin -- -multiwindow -listen tcp" |
| | 71 | > }}} |
| | 72 | * XWin Server.lnk |
| | 73 | {{{ |
| | 74 | C:\cygwin64\bin\run.exe --quote /usr/bin/bash.exe -l -c "cd; /usr/bin/startxwin -- -multiwindow -listen tcp" |
| | 75 | }}} |
| | 76 | * D:\>netstat -nao | grep 6000 |
| | 77 | {{{ |
| | 78 | TCP 0.0.0.0:6000 0.0.0.0:0 LISTENING 4276 |
| | 79 | }}} |
| | 80 | * 実際にはこれだけでは不足で、XWin.exeを直接起動するようにしたほうが良い(see [#Authorizationrequired]) |
| | 81 | |
| | 82 | == Authorization required == |
| | 83 | * $ virt-manager |
| | 84 | {{{ |
| | 85 | Authorization required, but no authorization protocol specified |
| | 86 | Unable to init server: Could not connect: Connection refused |
| | 87 | }}} |
| | 88 | |
| | 89 | * [https://cygwin.com/ml/cygwin-xfree/2015-02/msg00075.html Jon TURNEY - Re: Can't open display with PuTTY and xinit 1.3.4-1] |
| | 90 | > I'm afraid it seems '-listen tcp' is not enough for PuTTY to successfully connect. |
| | 91 | > If the server was started with -auth (which startxwin does since xinit-1.3.4-1), then PuTTY will need authorization data to successfully connect. |
| | 92 | > Whilst you can do this by setting the "X authority file for local display" in PuTTY's configuration to the Windows path equivalent to ~/.serverauth.NNNN, this isn't much of a solution as this filename changes everytime the server is started. |
| | 93 | > Perhaps xinit needs an option to avoid using -auth? One can demonstrate that works by starting the server directly, e.g. using 'XWin -multiwindow -listen tcp' rather than 'startxwin'. |
| | 94 | |
| | 95 | * /usr/bin/startxwin (xint 1.3.4-9) |
| | 96 | {{{ |
| | 97 | xserverauthfile=$HOME/.serverauth.$$ |
| | 98 | }}} |
| | 99 | * {{{startxwin -- -multiwindow -listen tcp}}}で起動したときの /var/log/xwin/XWin.0.log |
| | 100 | {{{ |
| | 101 | XWin was started with the following command line: |
| | 102 | |
| | 103 | /usr/bin/XWin :0 -multiwindow -listen tcp -auth |
| | 104 | /home/mitty/.serverauth.10152 |
| | 105 | }}} |
| | 106 | * {{{-auth}}}のパスが毎回変わるため、PuTTY側で指定するのが困難[[br]][[Image(putty-x11.png,33%)]] |
| | 107 | |
| | 108 | * 最終的に、{{{XWin Server.lnk}}}を以下のようにすることで解決 |
| | 109 | {{{ |
| | 110 | C:\cygwin64\bin\run.exe --quote /usr/bin/bash.exe -l -c "cd; /usr/bin/XWin :0 -multiwindow -listen tcp" |
| | 111 | }}} |
| | 112 | |
