I wasn't paying much attention when there was a lot of conversation about these issues. I recently ran into a problem where an X app won't run with OpensSSH 3.1p1's default "X11UseLocalhost yes" setting. If I run the X app with the display set to "localhost:16.0" it gets a "BadAccess" error, but if I run it with the display set to "127.0.0.1:16.0" or "realhostname:16.0" it works fine. Can someone please explain the boiled-down version of what's going on here and save me some trouble? Is there anything wrong with setting "X11UseLocalhost no" in sshd_config? Thanks in advance! Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
On Thu, 11 Apr 2002, Ed Phillips wrote: :I wasn't paying much attention when there was a lot of conversation about :these issues. I recently ran into a problem where an X app won't run with :OpensSSH 3.1p1's default "X11UseLocalhost yes" setting. If I run the X :app with the display set to "localhost:16.0" it gets a "BadAccess" error, :but if I run it with the display set to "127.0.0.1:16.0" or :"realhostname:16.0" it works fine. Can someone please explain the :boiled-down version of what's going on here and save me some trouble? Is :there anything wrong with setting "X11UseLocalhost no" in sshd_config? can something in sshd.8 for X11UseLocalhost be clearer? also: http://www.openssh.com/faq.html#3.12
How did you compile your ssh? Did you use the --with-ipaddr-display switch? If so, this may be your problem. Eric Secrist -----Original Message----- From: Kevin Steves [mailto:kevin at atomicgears.com] Sent: Thursday, April 11, 2002 11:23 AM To: Ed Phillips Cc: OpenSSH Development Subject: Re: X11UseLocalhost option and the DISPLAY variable On Thu, 11 Apr 2002, Ed Phillips wrote: :I wasn't paying much attention when there was a lot of conversation about :these issues. I recently ran into a problem where an X app won't run with :OpensSSH 3.1p1's default "X11UseLocalhost yes" setting. If I run the X :app with the display set to "localhost:16.0" it gets a "BadAccess" error, :but if I run it with the display set to "127.0.0.1:16.0" or :"realhostname:16.0" it works fine. Can someone please explain the :boiled-down version of what's going on here and save me some trouble? Is :there anything wrong with setting "X11UseLocalhost no" in sshd_config? can something in sshd.8 for X11UseLocalhost be clearer? also: http://www.openssh.com/faq.html#3.12 _______________________________________________ openssh-unix-dev at mindrot.org mailing list http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
On Thu, 11 Apr 2002, emsecrist wrote: :How did you compile your ssh? Did you use the --with-ipaddr-display switch? :If so, this may be your problem. that has no effect when "X11UseLocalhost yes"
Hi, On Thu, Apr 11, 2002 at 11:25:03AM -0400, Ed Phillips wrote:> I wasn't paying much attention when there was a lot of conversation about > these issues. I recently ran into a problem where an X app won't run with > OpensSSH 3.1p1's default "X11UseLocalhost yes" setting. If I run the X > app with the display set to "localhost:16.0" it gets a "BadAccess" error, > but if I run it with the display set to "127.0.0.1:16.0" or > "realhostname:16.0" it works fine. Can someone please explain the > boiled-down version of what's going on here and save me some trouble? Is > there anything wrong with setting "X11UseLocalhost no" in sshd_config?X11 connections are *really really* hairy for the general case. One would expect that "it's always TCP so the IP address doesn't matter", but that's not true - there are some optimizations in the code so that (usually) "unix:0", ":0", "localhost:0" and "$hostname:0" (usually without domain, though) are not done over TCP/IP but over some sort of local connection mechanism, of which there are at least 4 (unix sockets, pty connects, STREAMS connects for SCO and for ISC). I assume that this "broken" application links some sort of X11 connection library that knows only a few different variants, and for "localhost:16" tries (e.g.) STREAMS while the OpenSSHd only offers TCP/IP and/or unix sockets (guessing here), and doesn't fallback to one of the other methods. After reading the X11 sources (xc/lib/trans/Xtranslcl.c), I'm sure we *really* do not want to emulate all this stuff... Maybe the best way is to have the fallback to "X11UseLocalhost no" for systems that need it, and then apply pressure to vendors to Not Do Stupid Things (like "link in your private copy of LibX11.so"). NB: SCO Unix 3.2v4.2 needs "X11UseLocalhost no" as well. I am fairly sure it comes due to X11 clients shortcutting from TCP/IP to STREAMS connects (no unix sockets here), but can live with it... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert at greenie.muc.de fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de