X11 Forwarding and Red Hat

Michael H. Warfield mhw at wittsend.com
Fri May 19 01:14:53 EST 2000


On Thu, May 18, 2000 at 12:02:29PM -0400, Matthew C. Weigel wrote:
> On Thu, 18 May 2000, Michael H. Warfield wrote:

> > On Thu, May 18, 2000 at 11:35:48AM -0400, Matthew C. Weigel wrote:

> > 	It might help [a lot] if you were more specific about what the
> > problems were that you were experiencing and not so much about what you
> > think is wrong.

> Well, judging from the archives, this is exactly the problem.  For your
> perusal:

	Ok...  Sound's like it, I just couldn't judge from your
earlier message.

> $ ssh -v 
> SSH Version OpenSSH-1.2.3, protocol version 1.5.
> Compiled with SSL.

> When connected to the Red Hat 6.2 system (synapse) running OpenSSH from an
> O2 running regular ssh:

> $ xterm
> X11 connection rejected because of wrong authentication at Thu May 18
> 11:59:20 2000.
> a
> Rejected connection at Thu May 18 11:59:20 2000: X11 connection from synapse
> port 3439

> X connection to synapse:10.0 broken (explicit kill or server shutdown).

> >   I'm also having problems with X11 forwarding in OpenSSH
> > 2.1.0 (which I don't THINK occured in 1.2.3) and it has nothing to
> > do with $XAUTHORITY.  What are the errors that you are experiencing?

> The error which, it is claimed in the archives, is directly attributable to
> Red Hat clobbering $XAUTHORITY: it is set automatically to
> /home/weigel/.Xauthority when I log in, but sshd sets it to
> /tmp/ssh-randomstring/cookies.  I'm not familiar enough ssh to know why this
> is a problem, but it is.
> 
> > 	Oh...  And, BTW, if you are loading OpenSSH 2.1.0, I noticed that
> > both of the new config files have X forwarding disabled.  That was the
> > first thing I got burned on after upgrading my ssh*_config files.

> I checked my config files and I'm not running 2.1.0 yet.

	Ok...  That's what I needed to know!

	I've got a pretty vanilla RedHat setup...  Here is what I see between
my two systems (Alcove is RedHat 6.1 and Canyon is RedHat 6.2):

[mhw at alcove mhw]$ set | grep XAUTH
XAUTHORITY=/home/mhw/.Xauthority
You have new mail in /var/spool/mail/mhw
[mhw at alcove mhw]$ ssh canyon
Last login: Tue May 16 16:17:38 2000
[mhw at canyon mhw]$ set | grep XAUTH
XAUTHORITY=/tmp/ssh-zZvc2528/cookies
[mhw at canyon mhw]$ 

	Ok...  My RedHat 6.2 did NOT clobber my XAUTHORITY variable.
Have you checked your ".profile" and ".bashrc" files?  You might also
check /etc/profile and /etc/bashrc files.  I don't have anything in any
of those files, but something in there could commit that act of terrorism
on you.

	Also, what shell are you using?  I'm using sh (bash) and it could
be different if you are using tcsh or ksh (shouldn't be, but might be).
It could influence what startup files are involved.

	Unfortunately, the error that I see is NOT the error that you see.
I get this with 2.1.0:

[mhw at canyon mhw]$ xterm
channel 0: istate 4 != open
channel 0: ostate 64 != open
X connection to canyon:10.0 broken (explicit kill or server shutdown).
[mhw at canyon mhw]$

	You are right about XAUTHORITY.  If that gets screwed (or the
.Xauthority is hosed) then you get the "wrong authentication" that you
see.  That was the tidbit (the error message) that I needed to know.

>  Matthew Weigel
>  Programmer/Sysadmin/Student
>  weigel+ at pitt.edu

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!






More information about the openssh-unix-dev mailing list