Unified Storage, deny administration over ssh on interface

Similar Messages

• X forwarding suddenly failing over ssh

  Hi,
  I have an Ultra 20 running solaris 10, and recently started using the patch manager thingy to update my machine automatically. Well, one of those patches botched X11 forwarding over ssh, with the following error message delivered to the client:
  ==================
  Sun Microsystems Inc. SunOS 5.10 Generic January 2005
  connect /tmp/.X11-unix/X0: Not a directory
  X connection to localhost:10.0 broken (explicit kill or server shutdown).
  ==================
  Looking at this file, i see this:
  ==================
  pwd/tmp/.X11-unix
  ls -FCltotal 0
  srwxrwxrwx 1 root root 0 Oct 12 19:31 X0=
  ==================
  Which looks more or less correct for a socket. (doing just a plain "ls" returns "X0", and not "X0=").
  When run in debug mode, sshd gives this:
  ==================
  debug1: X11 connection requested.
  debug1: channel 3: new [X11 connection from ::1 port 33274]
  channel 3: open failed: administratively prohibited: open failed
  debug1: channel 3: free: X11 connection from ::1 port 33274, nchannels 4
  ==================
  This was working perfectly for a long time, and I don't even know which patch it was that caused the problem.
  Help! I can't stand developing with VI any more! Must run xemacs...
  Thanks,
  Ben

  Hello.
  With my old computer I managed to display this screen on a Windows X client using XDM. On my new machine I did not manage this because dtgreet does not work on remote machines when having installed the latest patches.
  Using SSH it is not possible to show this screen at all.
  If it was possible with another version of dtgreet you had to log-in as "root" using SSH (it would not work with another user) which is a problem because SSH typically denies root access.
  The question is: Why do you wish to show this display on the remote machine? Maybe there is a better way to archieve the goal you actually want.
  Martin

• Ctrl+Shift+Option+5 registers as Option+5 in custom emacs build or over ssh

  I'm having trouble with custom emacs and emacs over ssh with Leopard. Included below is the text of the bug report I filed with Apple. If anyone has any thoughts or suggestions, I'd love to hear about them.
  It won't let me change the OS on this post for some reason, but I'm running Leopard, not Tiger.
  In Terminal.app Version 2.0 (237) when I ssh into my Gentoo Linux server and run emacs, or if I run a custom-compiled version of emacs in terminal mode locally, pressing CtrlShift+Option5 (which should bring up "Query replace regexp:" in the bottom input bar) registers as if only Option+5 was pressed.
  NOTE: I am using the new aluminum USB-2.0 apple keyboard connected to a MacBook Pro running Leopard 9A581. I have not tested any other hardware configurations.
  Steps to reproduce:
  1. Download http://ftp.gnu.org/pub/gnu/emacs/emacs-22.1.tar.gz
  2. Untar the above
  3. cd emacs/mac && ./make-package --self-contained
  4. Copy or move Emacs.app to /Applications
  5. From Terminal.app run "/Applications/Emacs.app/Contents/MacOS/Emacs -nw"
  6. Press CtrlShift+Option5
  OR
  1. SSH into a linux server and run emacs.
  2. Press CtrlShift+Option5
  Expected Results:
  "Query replace regexp:" should appear in the input line at the bottom of the screen.
  Actual Results:
  "ESC 5-" shows up. The escape key is an alternate meta-key, so this indicates that the program believes Meta+5 was pushed, where the actual meta-key that I'm using is Option.
  I never noticed this problem in any version of Tiger, but it occurs in Leopard.

  Perhaps, you should try to reset your preference file to see if it corrects itself.  I have posted the instructions at this link:
  http://forums.adobe.com/thread/1097046?tstart=0
  Good luck.

• Java Caps 5.1.3. and SFTP (FTP over SSH)

  Hi,
  I'm trying to use the BatchSFTP option from the batch eway to setup FTP over SSH. I'm having trouble in setting up the keyfile. I've generated a trusted_hosts file using openSSH via CYGWIN (I'm running on W2003 server). The error I get is: Batch SFTP eWay connection failed, method=[connect()], message=[Exception when connect(), e=java.io.IOException: Invalid SSH1 public key format].
  Has anyone experience with FTP over SSH and can help me out on this.
  Thank you very much,
  Cor Zijlstra
  [email protected]

  You need to convert the server public key for the server that you are connecting with to the IETF SECSH format. If you have access to do that, you can run the command ssh-keygen -f myServerPublickey.pub -e > myIETFServerPublicKey.pub. Otherwise, your UNIX server admin will need to run that. Put the ITEF key in your .ssh directory and have CAPS reference that IETF format and you should be set. Make sure the connectivity map/env explorer is set to public key authentication.
  I think there is a bug in CAPS with how it is handling the SSH formated key. I have been unable to prove it to support. Furthermore, more pressing issues have taken up my time (aka, other projects).
  John

• ADT hangs over ssh

  I am putting the finishing touches on our build system and have run into a show stopper bug in ADT.  It seems that ADT will not function propertly over ssh.  When I issue my ADT package command remotely on my Mac OS X machine via ssh, ADT simply hangs forever.
  The following are the errors I see on the Mac System Log:
  com.apple.SecurityServer: Session 24524 created
  naip: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.
  naip: _RegisterApplication(), FAILED TO establish the default connection to the WindowServer, _CGSDefaultConnection() is NULL.
  And then nothing happens.  Forever.
  Looking on the remote system, I see that the ADT process has created 2 files and a directory in the output directory:
  drwxr-xr-x  2 build  staff     68 Jun  8 13:10 adt3612439737122910737.tmp
  -rw-r--r--  1 build  staff  11553 Jun  8 13:10 air6133709946041732094.tmp
  -rw-r--r--  1 build  staff  11553 Jun  8 13:10 air8135951800351503639.tmp
  However, nothing else happens.  The directory adt3612439737122910737.tmp is empty.
  The ADT package command I am running is:
  adt -package -storetype pkcs12 -keystore ../build/input/air/cert.p12 -storepass mypassword -tsa none -target bundle ../build/output/tmp/StoicAssetCompiler.mac.app ../build/output/tmp/EngineCompiler-app.xml -C ../build/output/app app.engine.compiler.swf
  The command works perfectly when I execute it from a terminal session as the build user.  However, any ssh session causes the adt program to hang forever.
  Short version:  How do I invoke ADT over ssh on Mac OS X?

  Additional point of information:
  There are 2 users involved here:
  john
  build
  john is logged into a desktop session. john can run ADT from a terminal, or even from a terminal ssh-d back to localhost as john.
  build can run ADT from a terminal su'd to build.  build cannot run ADT in any ssh session, including one ssh'd from the su'd terminal that works otherwise.

• Qt applications over ssh tunnel: very slow redrawing

  Regularly I do not use many Qt applications, mostly Skype. I run it over ssh tunnel from another computer within the same local network for long time. After recent system update I noticed it became very slow refreshing its graphics. I checked several Gtk and Qt applications and found that Gtk ones work almost with the "native" speed, while Qt ones with that damn slow redrawing...
  I tried ssh with both "ForwardX11" and "ForwardX11Trusted" - there is no difference. I'm using no DE with xmonad WM (tried TWM - no difference either) in x86_64 box.
  Any directions/advices/ideas?
  Thanks!

  Regularly I do not use many Qt applications, mostly Skype. I run it over ssh tunnel from another computer within the same local network for long time. After recent system update I noticed it became very slow refreshing its graphics. I checked several Gtk and Qt applications and found that Gtk ones work almost with the "native" speed, while Qt ones with that damn slow redrawing...
  I tried ssh with both "ForwardX11" and "ForwardX11Trusted" - there is no difference. I'm using no DE with xmonad WM (tried TWM - no difference either) in x86_64 box.
  Any directions/advices/ideas?
  Thanks!

• [Solved] Remotely closing X apps over ssh

  I'm trying to figure out a way to remotely close an application (like firefox) cleanly over ssh.  I know I could run "kill [pid]" or "killall firefox-bin" to close it, but the default termination signal causes firefox to close immediately and give a message at its next start complaining about the program not being shut down properly.  I tried several other signals, all of which had the same problem. 
  Is there a signal that I can issue from kill that will be equivalent to closing the application by clicking the X, pressing Alt-F4, going to File > Quit, etc?  If not, is there some other command I can issue to accomplish the same goal?
  Last edited by liquidsunshine (2009-03-30 21:56:43)

  @Bralkein:
  i like the one liner, i've incorporated it into my script.  i split it up only because i wanted more meaningful errors.
  @liquidsunshine:
  thanks for asking this question, this turned out a nifty script.  i use pkill all the time, now i have wkill to gracefully close programs from CLI and it works from SSH just as well as locally.
  here's the finished product:
  #!/bin/bash
  # wKill
  # pbrisbin 2009
  # gracefully close a program's window from
  # a remote ssh session, or not
  # requires wmctrl
  # example usage: wkill firefox
  # always exit cleanly
  errorout() {
  if [ $R -eq 1 ]; then
  export DISPLAY=""
  fi
  echo "$1"
  exit $2
  # set DISPLAY to your remote X session if we're ssh'd
  # though: maybe a "local DISPLAY=" would work?
  # it'd be cleaner if it did
  if [ -z "$DISPLAY" ]; then
  export DISPLAY=":0.0"
  R=1
  else
  R=0
  fi
  # get the PID by process name
  PID=$(pgrep "$1") || errorout "no process by the name: $1" 1
  # get the hex by pid
  APP=$(wmctrl -pl | grep "$PID" | awk '{print $1}')
  # some things don't get reported correctly
  if [ -z "$APP" ]; then
  APP=$(wmctrl -l | grep "$1" | awk '{print $1}')
  if [ -z "$APP" ]; then
  errorout "wmctrl can't find pid: $PID or app: $1" 1
  fi
  fi
  # close the apps window
  wmctrl -i -c $APP || errorout "wmctrl could not close app: $APP" 1
  # put the DISPLAY back to prevent any problems
  # do this only if we set it above
  if [ $R -eq 1 ]; then
  export DISPLAY=""
  fi
  exit 0
  as Bralkein said, some windows might not get reported correctly.  i added a nested if in there for two reasons:
  a) anything running in a terminal (irssi, mutt, htop) will only be captured by this if they were started with the terminal.  something like `xterm -e mutt`.  if you opened xterm, then opened mutt.  it will be listed as "bash ~" or something in wmctrl and the pid would be of mutt and not xterm... so we're kinda SOL there
  b) b/c i'd rather get a nice "could not find pid: X for app: Y" instead of a grep or wmctrl error message (which is what you'd get if the $APP variable is empty)
  other than the CLI app issue, it should pretty much catch every exception and run quite cleanly.  now if only i knew a real programming language...
  Last edited by brisbin33 (2009-03-31 00:26:49)

• TS4009 Unable to update payment information to complete iCloud storage renewal, tried over 4 times and different cards

  Unable to update payment information to complete iCloud storage renewal, tried over 4 times and different cards

  I had the same issue, Sent Email offering £7.99 for 25 GB. Then sent me an Email at 2.52AM saying I needed to update my payment method although they had just refunded to it. Then 7 hours later, I had tried to before work at 7AM and thought, "as it won't let me do that on my iphone, I'll do it at lunch." Sadly at 9:56 am UK time, They reduced my storage.
  Having Wasted an hour on the phone tonight, they first tried to explain that £7.99 is More than £0.79 times 12. Doh!
  That was followed with lots of being on hold and then being told "We can't go back, We Can't make a refund. We agree it was short notice and that we didn't do it well, there are lots of issues about this and also that we never offered you that (till the saw the email)" So no better off and now having to pay more for same service. That's pretty poor service all around. I have to upgrade as All my files, Backups and Emails are inoperative Till I do so.
  That's pretty bad for a company of this size, Guess they need some more bad press at the moment.

• Running awesome WM over SSH?

  I run awesome on my MacBook Air, when I'm at home, I tend to hook my system up to an external monitor, keyboard & mouse. I have another monitor that I would also like to implement in my setup.
  My current idea is to get Arch installed on one of my Raspberry Pi's and use it as a sort of thin client, so to speak. So, I'd have the Pi connected to the other monitor, have my MacBook serving up an X session over to the Pi via the network (presumably over SSH) and the Pi displaying that on the screen, which would all seamlessly be controlled with Synergy.
  I know that X forwarding is possible, however, I'd like to know if I can serve up an actual awesome session, so my Pi essentially wouldn't actually be running awesome.
  Is this achievable? If so, how might I go about implementing it? I've done searches, however they seem to just assume that the client has some sort of graphical environment running already and then to just pull application windows over X, whereas I want to use it as a full desktop.
  Many thanks in advance for any advice on this, it'd be greatly appreciated

  Hmmm, okay, I have some queries!
  I use SLiM as my display manager on my MacBook, so will this even be possible?
  Ideally, I'd like to have it setup so I can simply power on my Pi, then have it boot up and initiate the X connection to my MacBook and present an awesome session on the monitor. Are there any means by which this can be achieved?
  There's also the factor that I wish to log in as the standard user account that I use, so I'd already be logged in on my MacBook, then have the Pi initiate a connection also through that account... is that even possible? Perhaps I'm thinking this is like SSH
  Again, many thanks in advance for any help on this!
  **EDIT**
  Would it perhaps be possible/better to simply have the Pi set to autologin to a local user (on the Pi) then have it autostart a minimal X session through .bash_profile, and have something like:
  ssh -X -C user@MacBook
  In the .xinitrc?
  (Of course setup with keypairs so the login is automated)
  And then I'd have to figure out a means of autorunning awesome & synergyc once it's logged in...
  This is just brainstorming of course, but it might work better?
  Last edited by Starfall (2012-08-23 11:16:04)

• [vim] has('x11') has('clipboard') over ssh, pb copy/cut in vim

  Hello
  I experiment some problem with vim on my server.
  On my laptop and my server I have vim 7.2.266-1
  :echo has('x11') && has('clipboard')
  It return 1 on my laptop (x86_64) (gnome-terminal) but on the server (i686) (over ssh with gnome-terminal) it return 0.
  :-S
  I don't understand ...
  I would like to know what cause this behaviour and maybe how to enable x11 and clipboard in vim on my server...
  Could you help me please

  X11 and clipboard are run locally.  I do not know of a nice way to do what you want.  I agree, reaching for the mouse when selecting/paste text is cumbersome.

• Using nvidia-settings without X/over ssh

  I have a computer with an nvidia GTX 670 that I want to control remotely. However, I have problems using nvidia-settings over ssh. When trying to use it, I get this error:
  ERROR: Cannot open display ':0.0'.
  When a user is logged in an xfce session locally, I can use nvidia-settings without issue, using the command line over ssh. As soon as I log out from the xfce session, I get
  Invalid MIT-MAGIC-COOKIE-1 key
  ERROR: Cannot open display ':0.0'.
  ERROR: Unable to query attribute GPUCoreTemp specified in query '[gpu:0]/GPUCoreTemp' (no Display connection).
  How can I use nvidia-settings without the need for a user to be logged in locally?

  I am trying to do the same thing with a GT 240. I found something promising here:
  https://sites.google.com/site/akohlmey/ … s-X-Server
  Since you do have a local monitor, it may be easier not having to fake one. I don't have a monitor, I haven't gotten around to trying the Xorg stuff yet.

• [SOLVED] Font glyphs work locally, but not over SSH?

  Hello,
  I am trying to get some font glyphs used for status icons (https://aur.archlinux.org/packages/stlarch_font/) to show up in a tmux session over SSH.
  The setup on the local and remote machines are identical and the fonts work fine in tmux on both machines, running locally.
  When attempting to view a tmux session over SSH, however, the glyphs no longer display and instead there is a blank space where they should be.
  Setup:
  URxvt 9.20
  Tmux 1.9a
  .Xresources (full)
  URxvt*termName: rxvt-256color
  URxvt*font: xft:dejavu sans mono for powerline:regular:pixelsize=16,\
  -misc-stlarch-medium-r-normal--10-100-75-75-c-80-iso10646-1
  .tmux.conf (full)
  set -g default-terminal "screen-256color"
  The setup is based off of tutorial: http://crunchbang.org/forums/viewtopic.php?id=20504
  Any ideas?
  Keith
  Last edited by hughitt1 (2014-07-15 01:00:24)

  --edit--
  It appears that the fonts do show up properly on the remote machines when I simply SSH in; it's only when I enable X11 forwards ("-x" flag) that they no longer work...
  **Update 2014/07/14** Problem not related to X11 forwarding. See below for explanation.
  Last edited by hughitt1 (2014-07-15 01:00:02)

• Remote photoshop scripting over SSH

  I'm trying to get AppleScript scripts to execute on a remote rendering server over SSH (using the osascript command line utility). However, whenever I try to do most anything, I get various Photoshop and/or AppleScript errors that I never get when trying to run the exact same scripts locally. Ultimately, I'm trying to execute a JavaScript file passing JSON arguments from Applescript, called over SSH. Please forgive the verbosity introduced by the simple initial example.
  Server: OS X 10.8.5
  Photoshop: CC 2014
  I see the same type of errors whether I SSH into a server and do the following manually in a shell after logging in, or feed a command to SSH to execute directly (e.g., ssh user@host 'osascript /path/to/script.scpt'). Starting from a basic example, I tried running the following AppleScript snippet. I tried entering it into osascript by hand via stdin, as well as writing it out to a file and calling it remotely. Both resulted in no new file being created, but a success message.
  tell application "Adobe Photoshop CC 2014"
       make new document
  end tell
  No matter how I try to run this remotely, I get the response "document Untitled" from osascript, and Photoshop pops up an error dialog: "Could not complete your request because of a program error."
  More specific to what I'm trying to do, I've got the following code:
  tell application "Adobe Photoshop CC 2014"
       with timeout of 30 seconds
            do javascript("/path/to/local/file.js") with arguments ({"{\"json\": \"document\", ...}"})
       end timeout
  end tell
  When I try to run this locally, I never have a problem. But when I run it over ssh (again, either from the command line or by passing the command directly to ssh), I always get the following:
  script error: Expected end of line but found identifier. (-2741)
  In addition to osascript stopping with that error, Photoshop also pops up the same error dialog: "Could not complete your request because of a program error."
  Anyone have any suggestions or thoughts with regard to how I can get all this working?
  Thanks,
  Brian

  I was able to work around this constraint using a daemon on the local host. However, it would be nice if I could do away with this bit of server code....
  Thanks,
  Brian

• [Solved] Remote X over ssh not working

  Hello, I'm trying to forward X11 over ssh but it's not working.
  I type
  ssh -X 192.168.1.101
  followed by my password, and I log in just fine.
  I try to launch an X11 application and I get
  $kate
  kate: cannot connect to X server
  SSH is supposed to be forwarding a dummy $DISPLAY to allow remote X.  So I type
  $echo $DISPLAY
  and and get back a empty newline.
  Well how about
  $xinit
  Fatal server error:
  Server is already active for display 0
  If this server is no longer running, remove /tmp/.X0-lock
  and start again.
  Please consult the The X.Org Foundation support
  at http://wiki.x.org
  for help.
  Okay, I'll shut down xserver.
  I do it, and type
  $xinit
  again.  KDE launches on my remote box.  It makes sense, but contradicts many guides I have read which say it should launch on my local machine.
  What am I doing wrong here?  This should be ridiculously simple.
  Last edited by xenobrain (2010-07-06 20:45:16)

  Did you enable X forwarding in your sshd config?
  Did you xhost + (or ssh -Y)?
  Did you crop your DISPLAY variable in a bashrc or similar script run at login?
  Last edited by benob (2010-07-06 19:10:54)

• How to handle SFTP (ftp over SSH)

  Hi there,
  I know XI only supports FTP (and FTPS(SSL)) when trying to exchange files with other systems.
  Right now, i have to interconnect a legacy with XI. This external server uses SFTP (FTP over SSH) as an standard of file transfering process.
  Could you please tell me if there is a possibility to integrate them?
  Best regards,
  David

  You'll need either to:
  - develop the connection in a java proxy,
  - develop your own adapter,
  - buy an adapter for SFTP from a 3rd party,
  - if you have UNIX as OS, use OS commands (through shell script in a file adapter for example) to start SSH/SFTP connection.
  Regards,
  Henrique.