search for: xauthloc

http://bugzilla.mindrot.org/show_bug.cgi?id=1004 Summary: X11 forwarding not working with ssh3.9p1 (Error: Can't open display) Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: Miscellaneous

http://bugzilla.mindrot.org/show_bug.cgi?id=338 ------- Additional Comments From stevesk at pobox.com 2002-07-07 04:00 ------- will look into this ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...yPasswd, sKeepAlives, - sUseLogin, sAllowTcpForwarding, sCompression, + sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, @@ -319,6 +322,7 @@ { "xauthlocation", sXAuthLocation }, { "strictmodes", sStrictModes }, { "permitemptypasswords", sEmptyPasswd }, + { "permituserenvironment", sPermitUserEnvironment }, { "uselogin", sUseLogi...

Nico Kadel-Garcia <nkadel at gmail.com> writes: > I'm just trying to figure out under what normal circumstances a > connection with X11 forwarding enabled wouldn't be owned by a user who > already has normal system privileges for ssh, sftp, and scp access. Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have X11Forwarding enabled by default. DES --

http://bugzilla.mindrot.org/show_bug.cgi?id=1180 Summary: Add finer-grained controls to sshd Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dtucker at

After making quite a few circles around one particular issue (and eventually resolving it) I have a suggestion to make: Append the following to http://www.openssh.org/faq.html#2.7 "NOTE: In order to agent forwarding to work you need to have xauth installed in the remote host. In Debian xauth is in 'xbase-clients' package." And about that "F" in

...build the sshd_config file with all the possible parameters set to their default values.? For eg: When I compile any version of Openssh and run make install, the sshd_config file that gets copied to the directory specified by "--sysconfigdir=" flag does not contain the parameter "XAuthLocation" at all Whereas the sshd_config.5 man file copied in the man/man5 directory does contain information about default value , but not in a very legible manner as given below: more /opt/soe/local/openssh-4.7p1/share/man/man5/sshd_config.5 \fBXAuthLocation\fP Specifies the full pathname...

OpenSSH 5.1p1 I can't grasp why, when connecting with 'ssh -Y' to this test host, I am not tickling the verbose() call below that I have added. I am logging as auth + verbose in sshd_config The X11 forward for the session works fine as tested with xterm. At any rate, I am looking for some guidance on where to log X11 forwards that are established, ideally with a username and remote

https://bugzilla.mindrot.org/show_bug.cgi?id=2382 Bug ID: 2382 Summary: option to disable pid file with sshd Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

...entication no RSAAuthentication no ServerKeyBits 768 StrictModes yes Subsystem sftp /usr/libexec/sftp-server SyslogFacility AUTH UseLogin no UsePAM yes UsePrivilegeSeparation no #VerifyReverseMapping no X11DisplayOffset 10 X11Forwarding yes X11UseLocalhost yes XAuthLocation /usr/openwin/bin/xauth

...= -1; options->strict_modes = -1; options->keepalives = -1; options->log_facility = (SyslogFacility) - 1; @@ -258,7 +259,7 @@ sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, - sBanner, sReverseMappingCheck, sHostbasedAuthentication, + sBanner, sReverseMappingCheck, sHostbasedAuthentication, sXAuthorityInTmp, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sDe...

...t would then propagate XAUTHORITY to the user's environment also. Because, when this option is present, sshd would _always_ override XAUTHORITY, there is no need for any messy code to try to figure out where the orignal XAUTHORITY was or should have been. This could be mostly handled by using XAuthLocation, but there is no way with that facility to place XAUTHORITY back into the users's environment, and I think that it'd be easier to provide the config option than to provide some feedback path from xauth to the real path. -- Mario ------- You are receiving this mail because: -------...

http://bugzilla.mindrot.org/show_bug.cgi?id=333 ------- Additional Comments From stevesk at pobox.com 2002-07-04 05:41 ------- i will guess configure did not find an xauth when it was built ($PATH is irrelevant here). please verify. see $HOME/.ssh/rc example in sshd.8 which can be used as a workaround in this case. djm: autoconf-2.53 exposes a bug for xauth path detection. ------- You

...forwarding. I used the same sources for Solaris and Linux. Tried nearly every combination, but it seems that the "opensshd" for Solaris has some problems. Of course i tried to connect with "ssh -X", the server has in its /etc/sshd_config: X11Forwarding yes X11DisplayOffset 10 XAuthLocation /usr/openwin/bin/xauth The client doesn't have any config file, neither for Linux nor for Solaris (same NFS homedir). - it doesn't depend on the client, i checked with an non-free ssh client or use Linux instead. Both works. - i checked the x11 fwd'ing with the openssh clien...

...11Forwarding, sX11DisplayOffset, + sPortForwarding, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, + sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile, sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups } ServerOpCodes; @@ -227,6 +230,7 @@ { "x11forwarding", sX11Forwarding }, { "x11displayoffset", sX11DisplayOffset }, { "xauthlocation", sXAuthLocation }, + { "portforwarding", sPortForwarding }, { "strictmodes&quot...

Hi! I'm having a difficult time getting X11 forwarding to work. Since I've read the docs completely about this, this must be an SSH bug which is likely because I'm using Gentoo as the SSH server. When trying to forward X11 connections, I get X11 connection rejected because of wrong authentication. kwrite: cannot connect to X server XXXXXXXXX:10.0 Using command ssh -Y -p 1111 -4

...ion, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, @@ -411,6 +414,7 @@ static struct { { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL }, { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, + { "nopty", sNoPty, SSHCFG_ALL }, { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, @@...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

...ntication no printmotd yes printlastlog yes x11forwarding yes x11uselocalhost yes strictmodes yes tcpkeepalive yes permitemptypasswords no permituserenvironment yes uselogin no compression delayed gatewayports no usedns yes allowtcpforwarding yes useprivilegeseparation yes pidfile /var/run/sshd.pid xauthlocation /usr/bin/xauth authorizedkeysfile .ssh/authorized_keys authorizedkeysfile2 .ssh/authorized_keys2 loglevel INFO syslogfacility AUTH hostkey /etc/openssh/ssh_host_key hostkey /etc/openssh/ssh_host_rsa_key hostkey /etc/openssh/ssh_host_dsa_key acceptenv DISPLAY acceptenv X_ORIGINATING_HOST accept...

...ntication no printmotd yes printlastlog yes x11forwarding yes x11uselocalhost yes strictmodes yes tcpkeepalive yes permitemptypasswords no permituserenvironment yes uselogin no compression delayed gatewayports no usedns yes allowtcpforwarding yes useprivilegeseparation yes pidfile /var/run/sshd.pid xauthlocation /usr/bin/xauth authorizedkeysfile .ssh/authorized_keys authorizedkeysfile2 .ssh/authorized_keys2 loglevel INFO syslogfacility AUTH hostkey /etc/openssh/ssh_host_key hostkey /etc/openssh/ssh_host_rsa_key hostkey /etc/openssh/ssh_host_dsa_key acceptenv DISPLAY acceptenv X_ORIGINATING_HOST accept...