[opensuse] Some machine just can not x11vnc but others work fine?
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels via vnc via vncviewer or similar. The machines are running leap 42.2 and basically I am ssh-ing into them and running as root (or via sudo) the following line:
sudo x11vnc -localhost -nolookup -nopw -display :0 -auth guess
One machine works perfectly, prints out all sort of stuff that it is grabbing the local :0 session of X or vnc and those display and screen names and all that technical stuff. But this other machine never managed to do that. It quits and comes with a mere output of four error lines:
09/03/2017 14:27:54 x11vnc version: 0.9.13 lastmod: 2011-08-10 pid: 2028 xauth: file /root/.Xauthority does not exist 09/03/2017 14:27:54 -auth guess: failed for display=':0' 09/03/2017 14:27:54 -auth guess: since we are root, retrying with FD_XDM=1 09/03/2017 14:27:54 -auth guess: failed for display=':0'
What is wrong here and how can I make it work? The other machines it runs flawlessly detecting some of those settings automatically, and I can then vnc into it via an ssh-forwarded tcp port to the 5900 tcp port of that linux machine. That .Xauthority file doesnt exist on the working machines either, just as a remark. Weird. Whats up here? Thanks for all the help. TIA. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am 09.03.2017 um 17:28 schrieb cagsm:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels via vnc via vncviewer or similar.
The machines are running leap 42.2 and basically I am ssh-ing into them and running as root (or via sudo) the following line:
sudo x11vnc -localhost -nolookup -nopw -display :0 -auth guess
One machine works perfectly, prints out all sort of stuff that it is grabbing the local :0 session of X or vnc and those display and screen names and all that technical stuff.
But this other machine never managed to do that. It quits and comes with a mere output of four error lines:
09/03/2017 14:27:54 x11vnc version: 0.9.13 lastmod: 2011-08-10 pid: 2028 xauth: file /root/.Xauthority does not exist 09/03/2017 14:27:54 -auth guess: failed for display=':0' 09/03/2017 14:27:54 -auth guess: since we are root, retrying with FD_XDM=1 09/03/2017 14:27:54 -auth guess: failed for display=':0'
What is wrong here and how can I make it work?
Is an X server running on the failing machine? Is X running on display 0? Try to figure out which user is logged in, tell them what you're doing, and use -auth /home/<user>/.Xauthority instead of -auth guess
The other machines it runs flawlessly detecting some of those settings automatically, and I can then vnc into it via an ssh-forwarded tcp port to the 5900 tcp port of that linux machine.
That .Xauthority file doesnt exist on the working machines either, just as a remark. Weird. Whats up here?
The .Xauthority file is created when a user logs in via a display manager. The file contains information to secure the communication between X server and clients. Without this, other users would be able to spy on a running session. root is the exception because it can read .Xauthority files of other users. Note: Forwarding a display as root without knowledge and consent of the user using the machine at the time is at least morally questionably. In many countries, it's illegal even with the consent of the user (in the same way as you can't "consent" to torture). Regards, -- Aaron "Optimizer" Digulla a.k.a. Philmann Dark "It's not the universe that's limited, it's our imagination. Follow me and I'll show you something beyond the limits." http://blog.pdark.de/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Mar 9, 2017 at 5:46 PM, Aaron Digulla
Is an X server running on the failing machine? Is X running on display 0? Try to figure out which user is logged in, tell them what you're doing, and use -auth /home/<user>/.Xauthority
instead of
-auth guess
Thanks for quick reply, but I am having idling suse machines and there is nobody logged in but standard graphic mode booted up, runlevel5 i guess back in the old days and there is some kde or sddm or what it is called these days logon window. Bascially my machines are kinda very similar or same but they are not new installs of fresh leap 42.2 so there is probably cruft or leftovers or migration stuff. If there is a graphical pixels visible when I visit the machines, and there is that kde login window showing with some local usernames existing on the machine, that means there is some x server running on :0 doesnt it? I have not very much dealt with all these layers and stuff that builds on top of each other in the unix and linux world. It seems quite complicated or grown in the unix world and how it all interacts and fits together. How can I find out more about why it is failing? As I said, there is no user being logged in at the other machine either, all I do is ssh into it, and then fire up that command. I want to grab the real pixels that show there, as if I would walk over physically to the machine itself. That is the task I am trying to achieve. And it never worked on this failing machine. I never figured out why so far. TY. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am 09.03.2017 um 17:54 schrieb cagsm:
How can I find out more about why it is failing? As I said, there is no user being logged in at the other machine either, all I do is ssh into it, and then fire up that command. I want to grab the real pixels that show there, as if I would walk over physically to the machine itself. That is the task I am trying to achieve. And it never worked on this failing machine. I never figured out why so far.
When no user is logged in, then "guess -auth" can't succeed: You're telling x11vnc to figure out the current logged in user and connect to his/her display. No user logged in -> no auth info -> failure. Try to log in yourself and see if that helps. Next stop: X options. Run ps -ef | grep /X That should print something like UID PID PPID C STIME TTY TIME CMD root 10018 10012 7 Mär03 tty7 10:22:33 /usr/bin/X :0 ... The ":0" specifies the display which X is running on. This value must be the same as the one in your call to x11vnc. Regards, -- Aaron "Optimizer" Digulla a.k.a. Philmann Dark "It's not the universe that's limited, it's our imagination. Follow me and I'll show you something beyond the limits." http://blog.pdark.de/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Mar 9, 2017 at 6:28 PM, Aaron Digulla
When no user is logged in, then "guess -auth" can't succeed: You're telling x11vnc to figure out the current logged in user and connect to his/her display. No user logged in -> no auth info -> failure.
well thanks for your hints, I just wrote in my other reply, this kinda still works on other machines, and nobody is logged in there either, and there is still that auth file even for this "anonymous" root process that owns the kde or x logon screen and those parts of the process. on some other leap machine the -auth guess works, and nobody is logged in there or did i forget to log out on those machines and the kde session is just locked there? who knows. maybe your hint is correct i could verify this some other time. but i managed to use that actual authfile filename and path via ps wwaux | grep auth and use it as a parameter for -auth instead of the guess the actual file name of the authfile Thanks again. TY. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
09.03.2017 19:28, cagsm пишет:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels
To my best knowledge it is not possible. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Mar 9, 2017 at 5:50 PM, Andrei Borzenkov
09.03.2017 19:28, cagsm пишет:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels To my best knowledge it is not possible.
uhm, it is, I am doing it on my other server and other machines. All opensuse leap 42.2 when I tried it first time in my life. I wanted to access the actual desktop console session or whatever that :0 is called in unix terms. I dont wana create a virtual or invisble fresh session, but I wana see what is happening on the phyical machine and its graphics card. Its not about spying users or so as the other kind fellow wrote about. This is just some servers needing to attend to. Nobody is logged in. I suppose those programs, xserver an x11 and that logon menu of plasma or kde is all running as root id or whatever those services run in if that matters anything. But anyhow, this works fine on some machines, but doesnt work at all on that machine I am having trouble with to make it run there :( TY. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
09.03.2017 19:58, cagsm пишет:
On Thu, Mar 9, 2017 at 5:50 PM, Andrei Borzenkov
wrote: 09.03.2017 19:28, cagsm пишет:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels To my best knowledge it is not possible.
uhm, it is, I am doing it on my other server and other machines. All opensuse leap 42.2 when I tried it first time in my life. I wanted to access the actual desktop console session or whatever that :0 is called in unix terms. I dont wana create a virtual or invisble fresh session, but I wana see what is happening on the phyical machine and its graphics card.
So you claim that you can log in locally, using physical mouse/keyboard/display then connect over VNC and resume your work? I would be interested how you achieved it.
Its not about spying users or so as the other kind fellow wrote about. This is just some servers needing to attend to. Nobody is logged in. I suppose those programs, xserver an x11 and that logon menu of plasma or kde is all running as root id or whatever those services run in if that matters anything.
I still fail to see why you need to see output to local display. You can do everything over remote terminal or remote GUI and if you need to reboot server, you need connection to service processor (iLO, iDRAC, iRMC, whatever) anyway. And if you have connection to service processor, you already have your local console.
But anyhow, this works fine on some machines, but doesnt work at all on that machine I am having trouble with to make it run there :( TY.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Mar 9, 2017 at 6:10 PM, Andrei Borzenkov
So you claim that you can log in locally, using physical mouse/keyboard/display then connect over VNC and resume your work? I would be interested how you achieved it.
This is just a part of what I am trying to do. Actually the stuff that any windows user of vnc would do, as there is only one real physical session on the windows non-server machines. Just give me all the pixels that your graphics driver is currently outputting to your monitor, just over vnc. Thats all. I can log in physically on the machine, but I can just see the logon screen of that kde or plasma or whatever its name is. There is my username listed there that I can click on or enter a username and a pass. There are those graphical elements of that kde or plasma visible and the green lantern or bulb or what it is currently with leap as background and the shutdown and reboot buttons and just everything or anything. As I wrote before, I want the pixels from the linux machine. This is a nobrainer to me, as I was doing this often in the windows world. And then i got curious how or if you can do this on the linux world and eventually found x11vnc or that command. Anyways, back to my problem here, the -auth guess parameter seems to not work here on the machine. ps wwaux | grep auth gave me that x command or server command with its parameter which shows that auth file or parameter with full path, and now i was able to use that as -auth /file/path/here instead of -auth guess and now it works, even on this dang machine. Dunno why it wouldnt take the -auth guess it takes that on the other machine-s
I still fail to see why you need to see output to local display. You can do everything over remote terminal or remote GUI and if you need to reboot server, you need connection to service processor (iLO, iDRAC, iRMC, whatever) anyway. And if you have connection to service processor, you already have your local console.
Well fail to see? cos it would be the simple most simple way to see what is happening at the machine or just to make use of it. thats all there is to it. it just works. i want to see the pixels of the machine. thats all. i can ssh to it. i fire up the
x11vnc -localhost -nolookup -nopw -display :0 -auth /var/lib/kdm/AuthFiles/A:0-XYZDZSHAHSDA
command as root, as thats the current filename paramter for my authfile, whatever is in that file and so on, i didnt disect the x11vnc innermost workings and i am not familiar and can just not learn all the neat layers of linux graphics stack, and desktop environments, and authorisation layers and what not :) just yet. And it works. Now i see the kde logon screen and I was able to log in. Thanks for helping and point out to grab some of those hardware devices, it has been long ago that i was busy with one of those. this is off limits for the machines i am dealing with in the scenario. Maybe i file some bug or question at the x11vnc authors page or contact information why the guess wouldnt work here. Or maybe some other kind folk with deep insight can deal me some clues and more hints where to fix this and why this happens. Thanks again to all involved here. TY. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am 09.03.2017 um 17:50 schrieb Andrei Borzenkov:
09.03.2017 19:28, cagsm пишет:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels To my best knowledge it is not possible.
Heh. You wish. X11 isn't very secure by default. Even when secured properly (as in opensuse), anyone with root access to the machine can spy on the local X displays (you can have more than one X server running on the same machine). Without root access, things are a bit harder. Somehow, you need to get access to the file .Xauthority, for example with a fake X client - like a script called "$HOME/bin/xterm" which makes a world-readable copy of the file. If X isn't configured correctly, anyone on the same machine can spy. And if you have XDCMP running on such a system, X is open to anyone on the same network. Regards, -- Aaron "Optimizer" Digulla a.k.a. Philmann Dark "It's not the universe that's limited, it's our imagination. Follow me and I'll show you something beyond the limits." http://blog.pdark.de/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
09.03.2017 20:35, Aaron Digulla пишет:
Am 09.03.2017 um 17:50 schrieb Andrei Borzenkov:
09.03.2017 19:28, cagsm пишет:
I have once looked up some very basic way to grab some remotely running opensuse machine and see its real console pixels To my best knowledge it is not possible.
Heh. You wish. X11 isn't very secure by default. Even when secured properly (as in opensuse), anyone with root access to the machine can spy on the local X displays (you can have more than one X server running on the same machine).
OK, I got mentally confused, because "real console pixels" are to me actual console, independent of any running software. What if you do not have X running at all? Or it is hung? But yes, I never used x11vnc so I completely forgot about it and mixed with Xvnc. Sorry. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Aaron Digulla
-
Andrei Borzenkov
-
cagsm