[Bug 2143] X11 forwarding for ipv4 is broken when ipv6 is disabled on the loopback interface

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Mar 31 23:04:21 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=2143

Alan D. Salewski <salewski at att.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |salewski at att.net

--- Comment #9 from Alan D. Salewski <salewski at att.net> ---
[Just want to note this experience and workaround for other Debian
users who
 might wander through here...]

I ran into this on a current Debian machine with the 'openssh-server'
package
version 1:8.2p1-4.

IPv6 is disabled on the host, but via a runtime sysctl.d/ file rather
than the
kernel command line option. The sysctl config file contains the
settings:

    net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1

After cranking-up the sshd debug logging, I would see a ton of messages
like
the following in /var/log/auth.log when a client would connect with X11
forwarding requested ('-X'):

    Mar 31 06:22:42 myhostname sshd[3187]: debug2:
x11_create_display_inet: bind port 6011: Cannot assign requested
address
    Mar 31 06:22:42 myhostname sshd[3187]: debug3: sock_set_v6only: set
socket 9 IPV6_V6ONLY

Unlike the documented experience of others (above, and elsewhere on the
Net),
setting[0] 'AddressFamily inet' *did not* correct the problem for me.
However,
adding '-4' to the (otherwise empty) sshd startup options via the
'/etc/default/ssh' file did work.


[0] Actually, it was already set explicitly.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list