Displaying 20 results from an estimated 107 matches for "x11displayoffset".
2000 Dec 22
1
XAUTHORITY=/tmp/ssh-*/cookies makes forwarding through firewall difficult...
...dly, but I haven't seen a solution to the following problem.
Remote user logs into firewall. On firewall, DISPLAY var set to secure
channel, XAUTHORITY set to /tmp/ssh-*/cookies. X11 forwarding from
firewall works fine.
User logs into machine behind firewall, and sets DISPLAY var to
firewall:X11DisplayOffset.0. Xauth fails because neither XAUTHORITY nor
~/.Xauthority are correct. /tmp on firewall is not visible to machines
behind firewall. Problem is independent of broken login scripts that
bash XAUTHORITY.
A workaround I've found that works:
Remote user logs into firewall. On firewall: 'c...
2013 Jan 31
2
OpenSSH NoPty patch
...if (options->no_pty == -1)
+ options->no_pty = 0;
if (options->strict_modes == -1)
options->strict_modes = 1;
if (options->tcp_keep_alive == -1)
@@ -314,7 +317,7 @@ typedef enum {
sListenAddress, sAddressFamily,
sPrintMotd, sPrintLastLog, sIgnoreRhosts,
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
- sStrictModes, sEmptyPasswd, sTCPKeepAlive,
+ sNoPty, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPi...
2011 Oct 26
4
C6: ssh X-forwarding does not work
Hi all,
I have C6 i386 with cr repo enabled;
problem is, I can't get x-forwarding to work, xorg-x11-auth rpm is
installed, have checked sshd config for
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
Here is a verbose ssh logon, I can't see any difference to a working server:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback st...
2003 Jul 14
0
[Bug 617] sshd binds to port 6010
...hich I don't understand as I am not familiar with ssh well
> enough, sshd 'stole' the port 6010
Ah, OK, you should have put that in the bug report.
6010 is by default the first X11 forwarding port.
You can turn it off with "X11Forwarding no" or change the port with
"X11DisplayOffset [number]" (both in sshd_config). The number by default
is "10" and is added to the normal X11 port (6000) to give the first X11
forwarding port.
Your best bet is probably to set "X11DisplayOffset 20".
/etc/services is not a reservation system at all, it is merely a way t...
2001 Apr 10
2
LBX Support : Where to start
I would like to put a patch in OpenSSH start lbxproxy on the server if
both ends of the connection support LBX. I'm having difficulty figuring
out where to put this code, specifically I can't seem to find where the
X11 handshaking happens. Could someone help me out on this??
-Carl
2008 Apr 03
1
Omission in sshd_config man page
...word in a 'Match' block is missing. It currently lists only:
AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin, RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset, X11Forwarding, and X11UseLocalHost.
>From recent testing in setting up a chroot'd SFTP-only environment (thank you for that!), the following is also permissible:
ChrootDirectory.
I hope this helps.
--
Peter SJF Bance
http://www.minstrel.org.uk/
2009 Feb 04
4
5.1p1 and X11 forwarding failing
I'm really scratching my head on this one. The server
is running OpenSSH 5.1p1 on Solaris 9. The authentication
is via PAM if that matters.
# grep X11 sshd_config | sed '/^#/D'
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
#
Now I attach to my 'master' sshd and follow all children
to look for any evidence of "DISPLAY":
# truss -f -a -e -p 14923 2>&1 | grep DISPLAY
I then fire up ssh -X from a client machine, login, and
truss reports nothing.
If I perform the EXACT s...
2001 Nov 11
1
[PATCH]: Change contrib/cygwin/ssh-host-config
...ssh/known_hosts for RhostsRSAAuthentication
-#IgnoreUserKnownHosts yes
-
-#
# The following setting overrides permission checks on host key files
# and directories. For security reasons set this to "yes" when running
# NT/W2K, NTFS and CYGWIN=ntsec.
StrictModes no
-X11Forwarding no
-X11DisplayOffset 10
-PrintMotd yes
-KeepAlive yes
-
-# Logging
-SyslogFacility AUTH
-LogLevel INFO
-#obsoletes QuietMode and FascistLogging
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile %h/.ssh/authorized_keys
+# rhosts authentication should not be used
RhostsAuthentication no
-#
+# D...
2016 Jun 02
2
MaxDisplays configuration option
...ine MAX_DISPLAYS 1000
I have made changes to OpenSSH portable that allow this setting to be
configured via an option in sshd_config named MaxDisplays. If not
explicitly set, it maintains the default value of 1000.
It seems to me that this setting should be configurable by the user similar
to how X11DisplayOffset is configurable. I've read the code carefully and
am currently using this patch in my production environment without any
issues. I don't see any reason this change would cause any issues for users
that do not need to explicitly set it. I also don't envision this being a
maintenance burd...
2004 Jan 21
2
PAM auth stage rejection not working
...Protocol 2,1
HostKey /usr/local/etc/ssh/ssh_host_key
HostKey /usr/local/etc/ssh/ssh_host_rsa_key
HostKey /usr/local/etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts yes
RhostsRSAAuthentication
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
PrintLastLog no
SyslogFacility AUTH
LogLevel INFO
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
UsePAM yes
#ChallengeResponseAuthentication no
KerberosAuthentication no
UseLogin no
Banner...
2004 Aug 24
1
Possible problem with hostbased protocol 1 rhosts authentication
...t;
# This is ssh server systemwide configuration file.
"
Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh_host_key
RandomSeed /etc/ssh_random_seed
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 7200
PermitRootLogin yes
IgnoreRhosts no
StrictModes yes
QuietMode no
X11Forwarding yes
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
KeepAlive yes
SyslogFacility DAEMON
RhostsAuthentication yes
RhostsRSAAuthentication yes
RSAAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords no
UseLogin no
"
The rest of the detail is in the attached text file.
I hope that is enough info....
2000 Apr 09
2
Password Login Failing... (Not sure this went through)
..._key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for
RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear tex...
2003 Nov 13
1
SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE
...nge to no to disable PAM authentication
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#AFSTokenPassing no
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no
# override default of no subsystems
Subsystem sftp...
2004 Sep 17
3
sftp-server debug output
...sswordAuthentication''
#PAMAuthenticationViaKbdInt yes
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
X11Forwarding yes
X11DisplayOffset 256
PrintMotd no
#PrintLastLog no
KeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
#ReverseMappingCheck yes
Subsystem sftp /opt/talisen/ssh/rsftp-server
--------- end of file ---------
Anyone know what I''m missing?
Thanks in advance,
JJ
2000 Sep 08
3
OpenSSH PPP tunneling issue
..., assume to be
100.100.100.100)
/etc/ssh/sshd_config:
Port 22
Protocol 2,1
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key
HostDSAKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
/etc/ppp/options:
lock
local
noauth
proxyarp
Client information:
*Stock Redhat 6.2 machine running a 2.2.17pre20 kernel
OpenSSH version 2.2.0p1 (downloaded as Redhat RPMs, revision 2)
OpenSSL version 0.9.5a (downloaded as Redhat RPMs, revision 3)
PPP version 2.3.11...
2001 Feb 21
1
further problems with OpenSSH 2.5.1p1 on RH 6.2
...sa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear...
2006 Jun 20
1
unable to login with LDAP when set Uselogin to yes
...# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but
set
# ChallengeResponseAuthentication=no
#UsePAM no
UsePAM yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
# For auditing
UseLogin yes
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 1...
2011 Nov 03
1
Help with CA Certificates for user authentication?
..., the sshd_config details:
Port 2022
HostKey /etc/sshtest/ssh_host_key
HostKey /etc/sshtest/ssh_host_rsa_key
HostKey /etc/sshtest/ssh_host_dsa_key
HostKey /etc/sshtest/ssh_host_ecdsa_key
MaxAuthTries 3
AuthorizedKeysFile????? /etc/sshtest/authorized_keys
PasswordAuthentication no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
UseDNS no
Subsystem?????? sftp??? /home1/test/usr/local/libexec/sftp-server
TrustedUserCAKeys?????? /etc/sshtest/ssh_cakeys
AuthorizedPrincipalsFile??????? /etc/sshtest/authorized_principals
The /etc/sshtest/authorized_principals file contains one line:
test at 172.31.43.3...
2006 Jan 20
1
openssh-4.2p1 + Pam question !
...n, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /...
2003 Dec 16
11
[Bug 774] banner is displaying twice (/etc/issue)
http://bugzilla.mindrot.org/show_bug.cgi?id=774
Summary: banner is displaying twice (/etc/issue)
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: All
OS/Version: Solaris
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: