Artis
2009-Feb-08 02:38 UTC
[OpenSSH_5.1] Untrusted X11 forwarding (ssh -X) no longer works?
$ ssh -v OpenSSH_5.1, OpenSSL 0.9.8j 07 Jan 2009 $ ssh -vvv -X example.com [ Relevant debug info: ] debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 [OpenSSH_5.1, OpenSSL 0.9.7j 04 May 2006] debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-TLLOFKxvay/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null Warning: untrusted X11 forwarding setup failed: xauth key data not generated Warning: No xauth data; using fake authentication data for X11 forwarding. debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 $ xeyes $ xeyes debug1: client_input_channel_open: ctype x11 rchan 2 win 65536 max 16384 debug1: client_request_x11: request from 127.0.0.1 39892 debug2: fd 10 setting O_NONBLOCK debug3: fd 10 is O_NONBLOCK debug1: channel 1: new [x11] debug1: confirm x11 debug2: channel 1: read<=0 rfd 10 len 0 debug2: channel 1: read failed debug2: channel 1: close_read debug2: channel 1: input open -> drain debug2: channel 1: ibuf empty debug2: channel 1: send eof debug2: channel 1: input drain -> closed debug2: channel 1: rcvd eof debug2: channel 1: output open -> drain debug2: channel 1: obuf empty debug2: channel 1: close_write debug2: channel 1: output drain -> closed debug2: channel 1: rcvd close debug3: channel 1: will not send data after close debug2: channel 1: send close debug2: channel 1: is dead debug2: channel 1: garbage collecting debug1: channel 1: free: x11, nchannels 2 debug3: channel 1: status: The following connections are open: #0 client-session (t4 r0 i0/0 o0/139 fd 6/7 cfd -1) #1 x11 (t4 r2 i3/0 o3/0 fd 10/10 cfd -1) debug3: channel 1: close_fds r 10 w 10 e -1 c -1 Xlib: connection to "localhost:10.0" refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key Error: Can't open display: localhost:10.0 [Both ends are OpenBSDs. Client side is 4.4-RELEASE. X server is CURRENT] The above xauth command that ssh client tries, fails if executed manually: $ /usr/X11R6/bin/xauth -f /tmp/ssh-TLLOFKxvay/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 /usr/X11R6/bin/xauth: error in locking authority file /tmp/ssh-TLLOFKxvay/xauthfile I have to manually exec xauth +localhost to fix forwarding. Trusted forwarding (-Y) works. Is this somehow related to http://bugs.gentoo.org/237778 and https://bugzilla.redhat.com/show_bug.cgi?id=436230 Artis P.S. I'm not subscribed to the list.
Apparently Analagous Threads
Wisdom of the Ancients
