similar to: Failed X11 authentication does the wrong thing

I asked this question a while ago, but never got any response. Since then, I've researched the problem some more, so I can give a much more concise description of what's happening. I'm mounting the home directories of the users upon login (using pam_mount) from the Windows server. However, none of the users can run X Windows. It says there's a problem with the .Xauthority file.

So I'm working from home today, and for the first time I've tried running Evolution over a forwarded X11 connection. Even though work has a T1 and I have 640k at home, and ssh is compressing, it's ... rather slow. So I fire off lbxproxy and try to run an xterm to see if it works. No dice, authentication denied. Does anybody have any experience with this? Is it possible to run

Hi! Is there any reason why support for the libwrap code isn't included in the X11 forwarding code? I'd like to restrict access to that port. How many applications would break if the tcp port would be closed and only the unix-domain socket would be available? It's true that x11 forwardings can be considered as a security risk and they are disabled because of that by default. I

Hi, Finally got this working!! I have found a potential Workaround to the following error: >/etc/X11/gdm/PreSession/Default: Registering your session with wtmp >and > utmp > /etc/X11/gdm/PreSession/Default: running: /usr/bin/X11/sessreg -a >-w /var/log/wtmp -u /var/run/utmp -x "/var/gdm/:0.Xservers" -h "" -1 >":0" >"test" >Xlib:

Hello all, $XAUTHORITY location has moved from under /tmp to ~/.Xauthority in 2.9p2. The commit message was: --- remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since we do already trust $HOME/.ssh you can use .ssh/sshrc and .ssh/environment if you want to customize the location of the xauth cookies --- The latter is true, but can only be enabled in per-user basis as far as I see.

Dave Close wrote: > The error shown with "ssh -Xvvv" in all failure cases is, > debug3: send packet: type 91 > debug2: X11 auth data does not match fake data. > X11 connection rejected because of wrong authentication. > debug2: X11 rejected 1 i0/o0 I don't know but I do have questions. So maybe... What is the output of these commands? type xauth

Currently, ~/.ssh/environment can set static environment variables, and ~/.ssh/rc can run initialization routines. But there is no way for sshrc to propagate changes to the environment to the user's shell or command. There is, however, a possible way to do this. If the PermitUserEnvironment option is set, sshd could treat the stdout of sshrc as additional assignment lines of the form

Since I had a problem and resolved with the JuiceSSH app on Android a couple of weeks ago, I've had a new problem with one of my local machines. Although I've checked everything I remember changing back then, I can't find the cause and would appreciate a clue or two. (Note, JuiceSSH is not involved in this problem.) I have four local machines which should be able to use "ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=771 Summary: Add option to override XAUTHORITY env variable Product: Portable OpenSSH Version: 3.7.1p1 Platform: UltraSparc OS/Version: SunOS Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo: openssh-bugs at mindrot.org

Hi. I see this XAUTHORITY=/tmp/ssh-*/cookies issue has been discussed repeatedly, but I haven't seen a solution to the following problem. Remote user logs into firewall. On firewall, DISPLAY var set to secure channel, XAUTHORITY set to /tmp/ssh-*/cookies. X11 forwarding from firewall works fine. User logs into machine behind firewall, and sets DISPLAY var to firewall:X11DisplayOffset.0.

http://bugzilla.mindrot.org/show_bug.cgi?id=803 Summary: Security Bug: X11 Forwarding is more powerful than it needs to be. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs

The following message is a courtesy copy of an article that has been posted to comp.emacs.xemacs as well. [This message has been CC'ed to the OpenSSH list in a plea to at least consider supporting more advanced usages of Xauth] Chris Green <sprout at dok.org> writes: > Its not configurable behavior. It always generates a new random file > in /tmp. Then they should probably

Hello, I have a strange (for me) problem with these two machines : - Client, a CentOS-5.7 workstation ; - Server, a CentOS-6.2 headless, up-to-date server. From Client, I want to use xauth on Server with the help of rsh (yes, I know, ssh and all this sort of things... another time.) When SELinux is in permissive mode on Server, all these commands perform as expected : rsh Server

https://bugzilla.mindrot.org/show_bug.cgi?id=2440 Bug ID: 2440 Summary: X11 connection will fail if user's home directory is read-only Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: sshd

hi, eventually newbie: i want to show remote X-apps on my desktop. now, i know from google that xhost and xauth is not the way to so that very secure. now, i have a ssh_config with X forwarding enabled and a server with forwarding enabled, too. now when i connect to server i read that ssh creates automaticaly a Xauthory file. So i know that this is the xauth way with supercookies etc. but i

Hi all, I have C6 i386 with cr repo enabled; problem is, I can't get x-forwarding to work, xorg-x11-auth rpm is installed, have checked sshd config for #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 Here is a verbose ssh logon, I can't see any difference to a working server: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug3:

In switching to openssh from ssh-1.2.27, I have encountered the following problem with the way openssh handles its XAUTHORITY files separately from ~/.Xauthority. XEmacs has a gnuserv process that runs and allows commands to be issued to a remote XEmacs process. The trouble is when the command is to make a new frame ( window ) on a different X display, it fails because the Xauth cookie is not in

Hi folks, I've got a problem with X11 forwarding on an AIX 5.2 system thats stumped me. I've installed the same patched + compiled installp package on all our aix boxes but one of them won't play ball with X11 ssh -X -v -v user at host gives (grepped out X11 looking lines) debug2: we sent a password packet, wait for reply debug1: Authentication succeeded (password). debug1:

I'd like to run SELinux on my CentOS server in enforcing mode, but I get the above message when I run sealert. I assume this is because I am accessing the server from my laptop? In any case, I googled for the message, and this threw up dozens of similar queries over many years. Most of the ones I read offered methods of avoiding the problem rather than solving it. Am I right in thinking the

I'm running Samba v2.0.5a on a RedHat v6.0 system. This server provides SMB shares to Win98, OS/2 and Linux clients. Everything is running fine with the Win98 and OS/2 clients, but I have a few questions regarding Samba and Linux clients. 1. Is there a way for Linux systems to receive SMB messages? Something analogous to Windows' "WinPopup" or OS/2's "Network