[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wed, 10 Nov 2010, Henry Bremridge wrote:
I have turned my old computer into a server. It is currently running firestarter as a firewall. Unfortunately I no longer have the monitor. Question: does anyone know I can access firestarter over an SSH connection to change the settings so that wife can access it? http://www.fs-security.com/docs/introduction.php states "Firestarter can be installed onto individual servers and managed graphically over SSH or using the shell. " If I log in over SSH and then try and start the gui my error message is X11 connection rejected because of wrong authentication. Gtk-WARNING **: cannot open display: localhost:10.0
Sometimes I think it's easier to just maintain a shell-script... (which is what I do)What's happening in your instance is that either your ssh session is not setting up the right tunnel for X, or the X server on your own PC is not configured to allow remote connections or soemthing else.
It used to be easy to view the output of X programs on another terminal, but then people added security... ;-)
So starting with the basics - you need your local PC to be setup so that when you ssh to another machine it creates the ssh tunnel to pass X data back over... However, since you're getting the display set to "localhost:10.0" it's probably working, however to check:
On your local PC, look at /etc/ssh/ssh_config Look for lines containing ForwardX11 yes ForwardX11Trusted yesThen on the remote, look at /etc/ssh/sshd_config (not sshd here) and look for:
X11Forwarding yes X11DisplayOffset 10restart sshd in needed (/etc/init.d/sshd restart) then logout and login again.
Check $DISPLAY: echo $DISPLAY gordon @ watertower: echo $DISPLAY localhost:10.0 Then try to run something simple: xtermAn xterm ought to pop up on your local display. If that doesn't work, then go back to basics. On your local machine, run:
ssh -v remotehost -l user, etc. and look at the output.However, if you just want a simple firewall, put it in a shell-script and let it run at boot time.
I can not envisage any instances where my wife would ever want to change the firewall on our home system - what are you/she trying to achieve?
Gordon -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq