Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.1

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
269270271272273274275276277278
Troubleshooting
Troubleshooting
Appendix G
257
# su ids
$ echo $DISPLAY
x
.
x
.
x
.
x
:10.0
NOTE
x
.
x
.
x
.
x
stands for the IP address of the host.
:10.0 is an automatic result of X11 forwarding being enabled in ssh. You should not
manually set DISPLAY to :10.0.
$ ./idsgui
Unable to display the GUI on
x.x.x.x:10.0
Please check the value of the environment variable
DISPLAY and verify that this machine is authorized
to connect to that display.
If you started your ssh session with the verbose mode, -v, you will see debug messages
similar to the following. Notice the statement “X11 connection uses different
authentication protocol: ‘MIT-MAGIC-COOKIE-1’ vs. ‘’.
xsvr3: Received X11 open request.
xsvr3: Sending open confirmation to the remote host.
xsvr3: X11 connection uses different authentication protocol: ‘MIT- MAGIC-COOKIE-1’ vs. ‘’.
X11 connection rejected because of wrong authentication at Tue Dec 31 15:11:30 2002.
Rejected connection at Tue Dec 31 15:11:30 2002: X11 connection from ::ffff:15.27.232.106 port
56861
xsvr3: Channel 0 closes incoming data stream.
xsvr3: Channel 0 closes outgoing data stream.
xsvr3: Channel 0 sends oclosed.
xsvr3: Channel 0 sends ieof.
xsvr3: Channel 0 receives input eof.
xsvr3: X problem fix: close the other direction.
xsvr3: Channel 0 receives output closed.
xsvr3: Channel 0 terminates.
Cause: This is a simplified explanation.
When you log in to a remote host, and you try to run an X client program on the X server
(that is, on your local host), the client needs to authenticate itself with the X server. To
do this, it gets what is called an MIT-MAGIC-COOKIE, which is stored in ~/.Xauthority.
If the file is not there, it is generated. If the file on the remote host does not match what
the local host thinks it should say, it gives an error.
Now, you logged on as root and ran a X program, and it created a .Xauthority file.
Then you switched to user ids and there is no .Xauthority file for user ids. See the
xauth (1) manpage for details.
Solution: Extract the relevant information from user roots X authority file, and create
an X authority file for user ids.
remotesys
is the full name of your home system (the one
you logged in from).
# id
uid=0(root) gid=3(sys) groups=0(root),1(other),2(bin),4(adm),5(daemon),6(mail),7(lp)
# xauth
Using authority file /.Xauthority
xauth> list