This is a nice one, while you’re configuring the ssh port forwarding to get your display from the source server onto destination server using SUDO.
In case you don’t know the oracle user’s password on the destination server, but you have sudo privilege, you’re going to do something like this:
On the source:
Change the X11Forwarding from NO to YES in the following file /etc/ssh/sshd_config
ssh server1 -X (using your local user)
On the destination server you get this:
/usr/bin/xauth: file /home/localuser/.Xauthority does not exist [[email protected] ~]$ ls -l /home/localuser/.Xauthority -rw-------. 1 localuser localuser 83 Jan 14 08:41 /home/localuser/.Xauthority [[email protected] ~]$ xclock
But now you would like to sudo as oracle user and you’ll get this:
[[email protected] ~]$ sudo su - oracle Last login: Mon Jan 14 03:09:02 UTC 2018 [[email protected] ~]$ xclock Error: Can't open display: [[email protected] ~]$ export DISPLAY=localhost:10.0 [[email protected] ~]$ xclock X11 connection rejected because of wrong authentication. Error: Can't open display: localhost:10.0 [[email protected] ~]$ exit
One of the solutions would be this:
The reason for not being able to open the display is because on the user oracle we don’t have the same .Xauthority file. So we’re going to add it:
[email protected] ~]$ xauth list server1/unix:10 MIT-MAGIC-COOKIE-1 0ee9eda295cad0ba2913f8d9df5c61d -- as oracle user do this: [email protected] ~]$ xauth add server1/unix:10 MIT-MAGIC-COOKIE-1 0ee9eda295cad0ba2913f8d9df5c61d
Problem solved.