so I have Ubuntu headless server on which I have docker installed.
I would like to run GUI app in Docker container and see them on my mac when I connect via ssh.
I followed instructions from here
What i did:
1) install xQuartz on mac
got the auth list cookie:
Cyrils-MacBook-Pro.local/unix:0 MIT-MAGIC-COOKIE-1 02f42525dec4a8b4ee2xxxxxx
2) connect to my remote server via ssh - X uname#password
3) installed xauth on the server
got the xauth cookie:
ubuntu/unix:10 MIT-MAGIC-COOKIE-1 0e6810e9913aca02e0xxxxxxx
4) add the xauth cookies to the container: the one from the server and the one from my mac
5) Launch a docker container and installed firefox to test
6) install xauth in the container
7) add the xauth cookies to the container: the one from the server and the one from my mac
8) but when i run firefox (inside the container), i got this error:
Failed to connect to Mir: Failed to connect to server socket: No such file or directory
Unable to init server: Broadway display type not supported: localhost:10.0
Error: cannot open display: localhost:10.0
When i do echo $DISPLAY in the container, i have:
localhost:10.0
When i do echo $DISPLAY in the server, i have:
localhost:10.0
When i do echo $DISPLAY on my mac, i have:
/private/tmp/com.apple.launchd.G35gSHS5qU/org.macosforge.xquartz:0
I've enable the X11forwarding on my Mac (ssh_config) and my Server (sshd_config) and when i enter my container and launch the GUI app, I got this error:
X11 connection rejected because of wrong authentication.
The error is obvious, but I don't know how to fix it.
In the container, the cmd xauth list give me:
Cyrils-MacBook-Pro.local/unix:0 MIT-MAGIC-COOKIE-1 02f42525dec4a8b4ee2xxxxxx
ubuntu/unix:10 MIT-MAGIC-COOKIE-1 0e6810e9913aca02e0xxxxxxx
in the server, the cmd xauth list give me:
Cyrils-MacBook-Pro.local/unix:0 MIT-MAGIC-COOKIE-1 02f42525dec4a8b4ee2xxxxxx
ubuntu/unix:10 MIT-MAGIC-COOKIE-1 0e6810e9913aca02e0xxxxxxx
in my mac, the cmd xauth give me:
Cyrils-MacBook-Pro.local/unix:0 MIT-MAGIC-COOKIE-1 02f42525dec4a8b4ee2xxxxxx
Related
The docker documentation here describes how to configure docker in order to connect to a registry that requires a client certificate. Under Ubuntu it works: I place the client.crt and client.key files into the folder /etc/docker/certs.d/<myregistry>/ as stated by the documentation ... and it works.
Unfortunately, there is no specific documentation how to configure docker under windows (wsl backend) to achieve the same result... and I stuck... I performed following attempts:
Imported the private key and certificate into the windows certificate manager, restarted docker
added the cert and key files into the docker-desktop wsl file system in /etc/docker/certs.d/<myregistry>/, restarted docker...
added the cert and key files into the docker-desktop-data wsl file system in /etc/docker/certs.d/<myregistry>/, restarted docker
added the cert and key files into the docker-desktop wsl file system in /root/.docker/certs.d/<myregistry>/, restarted docker
added the cert and key files into the docker-desktop-data wsl file system in /root/.docker/certs.d/<myregistry>/, restarted docker
I always get the same result:
PS C:\> docker login -u <remote_user> <myregistry>
Password:
Error response from daemon: login attempt to https://<myregistry>/v2/ failed with status: 400 Bad Request
Any Idea?
I found it! You need to place the cert and key files into the C:\Users\<user>\.docker\certs.d\<mysite>\ as follows:
C:\Users\<user>\.docker\certs.d\<mysite>\client.cert
C:\Users\<user>\.docker\certs.d\<mysite>\client.key
Docker must be restarted and after that, the login with the command docker login <mysite> does not fail anymore.
I am testing out Lando for a new local dev setup.
Everything has gone well so far but I am running into an error that I don't get on my old Vagrant/VM environment, but do with Lando.
We have part of the site that uses Guzzle to fetch data from a web service. On Lando, I get a cURL error:
cURL error 7: Failed to connect to webservice.internalsite.com port 80: No route to host
How can I resolve this? When I try to ping that url, it says "Destination host unreachable". I am using Docker For Mac if that factors in.
I have installed ubuntu terminal in window 10. It's work fine but when I install gedit or any other application then these applications installed successfully but I can not open it. Whenever I tried it gives me the Error mentioned below.
"Failed to connect to Mir: Failed to connect to server socket: No such file or directory
Unable to init server: Could not connect: Connection refused
(gedit:4821): Gtk-WARNING **: cannot open display:"
In the description of "Ubuntu terminal", it says: "run Ubuntu command line utilities". gedit is not a command line utility. It is a graphical utility, so it is not supported out of the box.
Your hope is that the final error is cannot open display. I bet that if you provide a suitable display in your computer, the utility will show up. Search for a X-server for your windows machine and try with the X-server installed.
This could help: https://www.howtogeek.com/261575/how-to-run-graphical-linux-desktop-applications-from-windows-10s-bash-shell/
I have set-up or have been provided with an secured URL (HTTPS) to a remote Docker registry. I need to perform docker login into the remote registry in order to be able to push my locally built Docker images.
The command would be something like:
docker login -u myUser https://registry.mydomain.example.com
However, docker login fails with x509 certificate verification error like:
Error response from daemon: Get https://registry.mydomain.example.com/v2/: x509: certificate signed by unknown authority
I'm using macOS / OS X, how can I get my local Docker (Docker client) to accept remote repository's TLS certificate for HTTPS traffic?
Also, once the secure HTTPS connection works, how do I build and push my image to the remote repository, after I've written the Dockerfile and tested locally that my image works?
Unlike the Docker documentation's link regarding this matter specifically mentions, the Linux/Unix instructions work for macOS / OS X as well:
https://docs.docker.com/engine/security/certificates/
I got below instructions working with MacBook Pro using macOs High Sierra 10.13.5 (17F77)
Docker client (local Docker) version: 18.03.1-ce
Place the Certificate Authority (CA) file, provided by the remote registry admin, into the specific folder structure via terminal commands:
sudo mkdir -p /etc/docker/certs.d/registry.mydomain.example.com
sudo cp ca.crt /etc/docker/certs.d/registry.mydomain.example.com
Note: If you are using URL with port to connect to the registry, the port needs to be included in the foldername under certs.d folder. The URL can also be in the form of IP:
sudo mkdir -p /etc/docker/certs.d/registry.mydomain.example.com:443
sudo mkdir -p /etc/docker/certs.d/172.123.123.1:443
EDIT TO ADD!
I tested this with a co-worker and it was discovered that addition of the CA file into macOS Keychain was required (I had also done this previously). It is currently unknown if the above /etc/docker steps are even required on Mac. We used this guide to import ca.crt file into the Keychain (visible as "not trusted" at Certificates menu).
https://www.sslsupportdesk.com/how-to-import-a-certificate-into-mac-os/
Afterwards, restart your local Docker.
Docker login should work normally afterwards. If you still keep getting the x509 unknown authority error, it might be a good idea to verify the remote registry's server certificate's (obtainable e.g. by navigating to the registry's URL with browser) validity against the CA file, using openssl commands:
https://www.sslshopper.com/article-most-common-openssl-commands.html
Below is an example if working with OpenShift integrated (Atomic) registry:
oc login https://registry.mydomain.example.com -u myUser --certificate-authority=ca.crt
docker login -u $(oc whoami) -p $(oc whoami -t) https://registry.mydomain.example.com
You should get a prompt that Login Succeeded, then:
docker build -t registry.mydomain.example.com/openshiftProject/my-image:1.0 .
docker push registry.mydomain.example.com/openshiftProject/my-image:1.0
I am trying to access a remote ubuntu server through ssh -X from mac. I enabled X11 Forwarding in the sshd_config. After connecting the ubuntu, when I try to start wireshark, I get the below error
Invalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 keyError: Can't open display: localhost:10.0
thanks
Do an 'xhost +' on the host Mac (look up the man page for xhost if you want it more secure than allowing all X11 hosts to connect), then ssh -X.
I had the same problem when I used NoMachine client to connect to the remote host. I fixed by terminating the current NoMachine session and starting a new one.