similar to: [Bug 849] Document or fix untrusted X11 authority timeout

http://bugzilla.mindrot.org/show_bug.cgi?id=849 Summary: Document or fix untrusted X11 authority timeout Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=1785 Summary: configurable timeout for x11 cookies Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=803 Summary: Security Bug: X11 Forwarding is more powerful than it needs to be. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs

$ ssh -v OpenSSH_5.1, OpenSSL 0.9.8j 07 Jan 2009 $ ssh -vvv -X example.com [ Relevant debug info: ] debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 [OpenSSH_5.1, OpenSSL 0.9.7j 04 May 2006] debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-TLLOFKxvay/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null Warning: untrusted X11 forwarding

https://bugzilla.mindrot.org/show_bug.cgi?id=1718 Summary: Spurious messages "X11 connection rejected because of wrong authentication." Product: Portable OpenSSH Version: 5.3p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=111 Summary: sshd syslogs raw untrusted data Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

I am taking the liberty of forwarding this message to the list. I am not subscribed to it. If you want to reply to me, please send email to faheem at email.unc.edu Thanks, Faheem Mitha. ---------- Forwarded message ---------- From: Faheem Mitha <faheem at email.unc.edu> Newsgroups: comp.security.ssh Subject: installing OpenSSH rpm on SuSE 6.2 Dear people, I tried

https://bugzilla.mindrot.org/show_bug.cgi?id=1682 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org CC| |djm at mindrot.org, |

https://bugzilla.mindrot.org/show_bug.cgi?id=1725 Summary: use x11.pc when linking gnome-ssh-askpass2 Product: Portable OpenSSH Version: 5.3p1 Platform: Other URL: http://bugs.debian.org/555951 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system

https://bugzilla.mindrot.org/show_bug.cgi?id=1464 Summary: "possible hijacking of X11-forwarded connections" bug has not been fixed completely Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: Other OS/Version: HP-UX Status: NEW Severity: security

https://bugzilla.mindrot.org/show_bug.cgi?id=1745 Summary: Matching @cert-authority entries when using unqualified hostnames Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1309 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED CC| |djm

https://bugzilla.mindrot.org/show_bug.cgi?id=1010 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #2 from Damien Miller <djm at mindrot.org> 2008-06-13 13:42:57 --- I

http://bugzilla.mindrot.org/show_bug.cgi?id=889 Summary: Under Solaris 9, X11 port forwarding causes X11 protocol errors Product: Portable OpenSSH Version: 3.8p1 Platform: UltraSparc OS/Version: SunOS Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=851 Summary: some X11 prgs generate ``BadAtom (invalid Atom parameter)'' in X_GetProperty when using X11 forwarding Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2

http://bugzilla.mindrot.org/show_bug.cgi?id=1356 Summary: X11 forwarding broken. Product: Portable OpenSSH Version: 4.5p1 Platform: Other OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: marka at isc.org Created

http://bugzilla.mindrot.org/show_bug.cgi?id=111 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-01-07 17:05

https://bugzilla.mindrot.org/show_bug.cgi?id=1762 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Resolution|--- |WONTFIX Status|NEW

http://bugzilla.mindrot.org/show_bug.cgi?id=1309 Summary: X11 forwarding doesn't work with X11UseLocalhost=no Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org

in reply to: 5.1p1 and X11 forwarding failing http://lists.mindrot.org/pipermail/openssh-unix-dev/2009-February/027183.html I have the impression that SSH is running xauth with a filename in a temporary directory that does not exist: local:~ $ ssh -vv user at remote ... debug2: x11_get_proto: /usr/bin/xauth -f /tmp/ssh-VskgWb3776/xauthfile generate :0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200