I'm trying to setup a one-time SSH tunnel which instantiates x11vnc on a logged-in display.
ssh -f -t -L 5900:localhost:5900 user@10.1.10.1 'sudo /usr/bin/x11vnc -safer -once -nopw -display :0 -auth /home/user/.Xauthority'
/etc/sudoers:
user@myhost:~$ sudo cat /etc/sudoers
[sudo] password for user:
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/
# instead of directly modifying this file.
#
Defaults:user !requiretty
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL=(ALL:ALL) ALL
user ALL=(ALL:ALL) NOPASSWD: /usr/bin/x11vnc
%admin ALL=(ALL) ALL
%sudo ALL=(ALL:ALL) ALL
The end result is this:
Pseudo-terminal will not be allocated because stdin is not a terminal.
bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 5900
Could not request local forwarding.
ebz@icarus:~ $ sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
It does say bind: Address already in use
, but I feel this is not true and unrelated:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.1.10.1:domain *:* LISTEN -
tcp 0 0 *:ssh *:* LISTEN -
tcp6 0 0 xxxx::xxxx:xxxx::domain [::]:* LISTEN -
tcp6 0 0 [::]:ssh [::]:* LISTEN -
Safe to say we can ignore that message. Also, removing the sudo entry for user has no effect, either.
Thanks, guys. Cheers.
P.S. The solution here – No TTY present when running commands over SSH.. – didn't work 🙁
Also, a side note, THIS IS SERVER RELATED (BACKGROUND REGARDING A CUSTOM LXC VMM IMPLEMENTATION FOR OPENNEBULA). Please DO NOT mark this off-topic as this is a valid application use case.
UPDATE
Plus -tt
, minus -f -t
switches:
$ ssh -tt -L 5900:localhost:5900 user@10.1.10.1 'sudo /usr/bin/x11vnc -safer -once -nopw -display :0 -auth /home/user/.Xauthority'
bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 5900
Could not request local forwarding.
[sudo] password for user:
But it prompts for a password? It works after I enter the password though.
Best Answer
Make sure that
user
isn't in either of the groupsadmin
orsudo
or put the sudoers line foruser
after the group lines.From the sudoers man page