Posted in Oracle

X11 connection rejected because of wrong authentication.

This is a nice one, while you’re configuring the ssh port forwarding to get your display from the source server onto destination server using SUDO.

In case you don’t know the oracle user’s password on the destination server, but you have sudo privilege, you’re going to do something like this:

On the source:
Change the X11Forwarding from NO to YES in the following file /etc/ssh/sshd_config

ssh server1 -X (using your local user)

On the destination server you get this:

/usr/bin/xauth: file /home/localuser/.Xauthority does not exist
 [localuser@server1 ~]$ ls -l /home/localuser/.Xauthority
 -rw-------. 1 localuser localuser 83 Jan 14 08:41 /home/localuser/.Xauthority
 [localuser@server1 ~]$ xclock

But now you would like to sudo as oracle user and you’ll get this:

[localuser@server1 ~]$ sudo su - oracle
 Last login: Mon Jan 14 03:09:02 UTC 2018
 [oracle@server1 ~]$ xclock
 Error: Can't open display:
 [oracle@server1 ~]$ export DISPLAY=localhost:10.0
 [oracle@server1 ~]$ xclock
 X11 connection rejected because of wrong authentication.
 Error: Can't open display: localhost:10.0
 [oracle@server1 ~]$ exit

One of the solutions would be this:

The reason for not being able to open the display is because on the user oracle we don’t have the same .Xauthority file. So we’re going to add it:

localuser@server1 ~]$ xauth list
 server1/unix:10 MIT-MAGIC-COOKIE-1 0ee9eda295cad0ba2913f8d9df5c61d
-- as oracle user do this:
oracle@server1 ~]$ xauth add server1/unix:10 MIT-MAGIC-COOKIE-1 0ee9eda295cad0ba2913f8d9df5c61d

Problem solved.



I am an Oracle DBA with experience in Maximum Availability technology such as RAC, Data Guard, Grid Control and ASM. I worked with version 9i through 12c on a number of operating systems. Next to that I have an extensive experience with PL/SQL, Oracle eBusiness Suite and shell scripting. Specialties: Oracle RAC & ASM (Configuration/Monitoring/Tuning) Oracle Data Guard (Configuration/Monitoring/Tuning) EM12c (Installation / troubleshooting) SQL & PLSQL *nix Shell scripting

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.