To remove the "-nolisten tcp", you can simply comment out the assignment in the nx2gostartagent script.
On 12/5/13, 2:13 PM, Nick Ingegneri wrote:
All,
I think I found the problem, but I'm not sure how to fix it.
Note the options that nxagent.bin is running with:
nxagent.bin -extension XFIXES -extension GLX -nolisten tcp -R -auth /home/testuser/.Xauthority -geometry 800x600 -name X2GO-testuser-97-1386279395_stRxterm_dp32 :97 The "-nolisten tcp" option is preventing the Xserver from receiving any connections via TCP, so it doesn't appear to matter what I do with xhost or xauth.
Is there a configuration file I can change to remove this option?
Thanks, Nick
On Thursday, December 5, 2013 8:59 AM, Mike Gabriel <mike.gabriel@das-netzwerkteam.de> wrote:
Hi Nick,
On Do 05 Dez 2013 16:46:02 CET, Nick Ingegneri wrote:
Thanks for suggesting the "ssh -Y". That works (as done "ssh -X")
but unfortunately it doesn't solve my problem. We are trying to drop
X2Go into an existing environment as a replacement for a current
solution, and can't force a change in how users connect to the
remote machines. For X2Go we really need to figure out how to get
this working with a simple "xhost +" and "setenv DISPLAY
host:display".Running xhost + on a multi-user host is not a good idea, at all. If
that is your setup of convenience, change it, as it 100% lacks
security. People can access each others' clipboards and read+write
content to/from it. Easily, one can sniff passwords etc. that get
copied to the clipboard, etc.Interestingly, it looks like freenx/opennx work fine in this mode,
but we would prefer not to use that solution as it appears to be a
dead end. There must be something different about how freenx/opennx
set up security vs X2Go, but I can't find much documentation on
configuring security in X2Go.You probably have to play with the xauth command for making your
desired setup work. (Though xhost + makes xauth unnecessary, so maybe
not).I'll spend some more time in the man pages, but any other
suggestions here would be greatly appreciated.Greets, Mike