ssh/openssh and X authentication

Brad lists at
Tue Dec 7 11:04:14 EST 1999

On 1999-11-29 at 15:29:37, Nigel Metheringham wrote:
> I've currently got a couple of boxes which obtain their IP address via 
> DHCP, and as a consequence do not have a mapping in /etc/hosts for 
> their own IP/name... but helpfully (!) they have their name mapping to 

i have a similar setup here, except with names mapping to; i
forget why, but mapping to didn't work well for me for some
reason. Probably i did something wrong.

> This breaks X authentication... - openssh (and also ssh) makes an 
> apparently valid xauth entry, but all attempts to start clients gives 
> "X11 connection rejected because of wrong authentication."  Hacking the 
> DISPLAY & xauth entries to use the real IP address of the box, or even 
> works fine, so it appears that something (maybe outside ssh) 
> is special casing

I think it's X itself, using unix domain sockets to connect to the
localhost. opensshd only puts an internet domain entry in the xauth
file. I managed to solve it on my system by having sshd do a second
xauth with "/unix" inserted just before the ':' in the display variable
in sshd.c.

I've filed more information in the Debian GNU/Linux bug tracking
database, at <>.
I'm not subscribed to openssh-unix-dev, so CCs of replies would be

  finger for GPG public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : 

More information about the openssh-unix-dev mailing list