[NTLUG:Discuss] xhost question

Fred James fredjame at concentric.net
Sun Oct 6 09:09:31 CDT 2002 

I sit behind an ANG-1105, which is a hardware VPN client, and 10.50.3.60 
is the private IP assigned.  I find it listed in the env(ironment) of 
the host (server) as REMOTEHOST=10.50.3.60 after I telnet there.  I use 
it then in the command "setenv DISPLAY 10.50.3.60:0.0", after which env 
shows "DISPLAY=10.50.3.60:0.0".  Without "setenv", env would show 
"DISPLAY=hostname.domainname:0.0" where hostname and domainname are 
valid on the client machine.  If I accept this default I get the same 
messages: "Error: Can't open display hostname.domainname:0.0".  That, 
and to avoid any possible conflict with the DNS host, is why I tried the 
IP in place of the name

The route is from here (home - Irving TX) to corp. HQ (Baltimore) to 
here (work - Irving TX), all over the corp. VPN.  "xhost" on the client 
list "INET:name_of_host"  (Seems like a long way to go for a 7 mile 
trip, but that is the way it is set up).

On the client: "xhost +" adds the following line to the "xhost" list 
display:
    access control disabled, clients cannot connect from any host

On the client: "xhost -" adds the following line to the "xhost" list 
display:
    access control enabled, only authorized clients can connect

This seems backwards from the description in the man(ual) pages, but in 
either case it has no effect on the outcome.

Once telnet'd to the SGI machine, the "xhost" comman in any of the 
following forms returns "xhost: unable to open display "10.50.3.60:0.0"
    xhost
    xhost +10.50.3.60
    xhost -10.50.3.60
    xhost +
    xhost -
and in any case the error message returned from "xclock -title 
`hostname` &"  remains "Error: Can't open display: 10.50.3.60:0.0"


Steve Baker wrote:

> Fred James wrote:
>
>> Error: Can't open display: 10.50.3.60:0.0
>
>
> So, I wonder if 10.50.3.60 truly is the address of your Linux
> box - and I wonder whether the xhost command really worked.
>
> Is there any internet address mangling going on anywhere here I wonder?
>
> Perhaps one of these machines has multiple ethernet adaptors and is using
> the wrong one and hence making the request using a different network 
> address
> than the one you gave 'xhost' permission to?
>
> Running xhost with no parameters lists the currently allowed hosts.  
> You might
> also try (just as an experiment) 'xhost +' with no host name - which 
> gives
> permission to all comers (which is somewhat dangerous - but OK as a 
> test - just
> to be *sure* you've given permission to the SGI machine).
>
> ----------------------------- Steve Baker -------------------------------
> Mail : <sjbaker1 at airmail.net>   WorkMail: <sjbaker at link.com>
> URLs : http://www.sjbaker.org
>        http://plib.sf.net http://tuxaqfh.sf.net http://tuxkart.sf.net
>        http://prettypoly.sf.net http://freeglut.sf.net
>        http://toobular.sf.net   http://lodestone.sf.net
>
>
>
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>
>

-- 
small is beautiful

More information about the Discuss mailing list