X forwarding / hostname

Brian Candler B.Candler at pobox.com
Sun Mar 19 06:55:56 EST 2000


I'm running OpenSSH-1.2.2p1 under RH Linux 6.1.

One of my machines is a laptop, and its IP address tends to change as I move
it around. I have set its kernel hostname to "vaio.linnet.org", and have the
following in /etc/hosts to ensure this name is always usable:	localhost.localdomain	localhost	vaio.linnet.org

Now, the problem is with X forwarding. If I ssh into this box with X
forwarding, it doesn't work - see transcript below. I have to set "hostname
<real-hostname>" (where real-hostname is whatever today's name is), and
restart sshd, before it will work.

Now, ssh appears to use the kernel hostname when deciding what address to
provide the tunneled X service on:

[brian at vaio brian]$ echo $DISPLAY

So, my questions are:
(1) Why doesn't this work when the hostname resolves to
(2) Wouldn't it be better/more secure to do all the host forwarding via anyway? (i.e. DISPLAY= In this case, sshd
    wouldn't actually care what the kernel thought the hostname was.


Brian Candler.
[please CC me on any reply]


$ ssh -v -X <real-hostname>
debug: Requesting X11 forwarding with authentication spoofing.
[brian at vaio brian]$ xclock
debug: Received X11 open request.
debug: channel 0: new [X11 connection from localhost.localdomain port 1117]
debug: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.

debug: X11 rejected 0 i1/o16
debug: channel 0: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed]
debug: channel 0: shutdown_read
debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_IEOF [write failed]
debug: channel 0: shutdown_write
debug: X11 rejected 0 i2/o64
debug: channel 0: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF]
debug: channel 0: OUTPUT_WAIT_IEOF -> OUTPUT_CLOSED [rvcd IEOF]
debug: channel 0: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE]
debug: channel 0: full closed
X connection to vaio.linnet.org:10.0 broken (explicit kill or server shutdown).
[brian at vaio brian]$ xauth list
localhost.localdomain:10  MIT-MAGIC-COOKIE-1  95578613453a5bc68fc0f40d9acfe1b2
[brian at vaio brian]$ hostname
[brian at vaio brian]$ 

[P.S. It also doesn't work if I set "hostname localhost.localdomain" before
restarting sshd]

More information about the openssh-unix-dev mailing list