X authentication is based on cookies -- secret little pieces of random data that only you and the X server know... So, you need to let the other user in on what your cookie is. One way to do this is as follows:
Before you issue the su (but after having ssh'ed into the remote system), request the cookie for the current DISPLAY that's connecting to your X server:
$ xauth list $DISPLAY
You'll get something like
somehost.somedomain:10 MIT-MAGIC-COOKIE-1 4d22408a71a55b41ccd1657d377923ae
Then, after having done su, tell the new user what the cookie is:
$ xauth add somehost.somedomain:10 MIT-MAGIC-COOKIE-1 4d22408a71a55b41ccd1657d377923ae
(just cut'n-paste the output of the above 'xauth list' onto 'xauth add') That's it. Now, you _should_ be able to start any X application.
Comments
No output from xauth list $DISPLAY
<p>What do I do if there's no output from the xauth list $DISPLAY command.</p>
<p> </p>
<p>Xforwarding is working when I ssh to the box but breaks after I do sudo -s. Both root and my user show the same value for $DISPLAY (localhost:11.0)</p>
using "xauth list" should be
using "xauth list" should be before you sudo. If you do not get output then it is possible your X11 forwarding to your non root user is not working properly.
Thanks
Thank you. This was what I needed.
Add new comment