2.9p2 -- ForwardX11 fails -- X11 connection uses different authentication protocol
James Rippas
jrippas at mizuhocap.com
Tue Jul 3 07:00:55 EST 2001
Hi,
I just grabed the 2.9p2 and can't forward X11 connections. This worked
fine for me under 2.9p1 but with 2.9p2 it seems that $XAUTHORITY isn't
getting set and when I try and set it manually connections to the
Xserver still fail with:
debug1: X11 connection uses different authentication protocol.
debug1: X11 rejected 1 i1/o16
Verbose debugs below.
client:
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /home/jrippas/.ssh/config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1676 geteuid 0 anon 1
debug1: Connecting to ratbert [192.168.90.30] port 22.
debug1: temporarily_use_uid: 1676/121 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1676/121 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/jrippas/.ssh/identity type 0
debug3: No RSA1 key file /home/jrippas/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/jrippas/.ssh/id_rsa type 1
debug1: identity file /home/jrippas/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-gup1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour
aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndaelbc at lysator.liu.se
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfouaes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndaelbc at lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at opssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at opssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-gup1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfouaes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndaelbc at lysator.liu.se
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfouaes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndaelbc at lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at opssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at opssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 132/256
debug1: bits set: 1007/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/jrippas/.ssh/known_hosts2
debug3: check_host_in_hostfile: match line 39
debug3: check_host_in_hostfile: filename /home/jrippas/.ssh/known_hosts2
debug3: check_host_in_hostfile: match line 39
debug1: Host 'ratbert' is known and matches the RSA host key.
debug1: Found key in /home/jrippas/.ssh/known_hosts2:39
debug1: bits set: 1020/2049
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interacve,hostbased
debug3: start over, passed a different list
publickey,password,keyboard-interaive,hostbased
debug3: preferred publickey,password,keyboard-interactive
debug3: authmethod_lookup publickey
debug3: remaining preferred: password,keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try pubkey: /home/jrippas/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 142f48 hint
1
debug2: input_userauth_pk_ok: fp
fc:0c:ec:64:78:de:f2:ec:98:c6:89:7e:74:e3:83:
debug3: sign_and_send_pubkey
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/jrippas/.ssh/id_rsa':
debug1: read PEM private key done: type RSA
debug2: ssh_rsa_sign: done
debug1: ssh-userauth2 successful: method publickey
debug3: clear hostkey 0
debug3: clear hostkey 1
debug3: clear hostkey 2
debug1: channel 0: new [client-session]
debug1: channel_new: 0
debug1: send channel open 0
debug1: Entering interactive session.
debug2: callback start
debug1: client_init id 0 arg 0
debug2: tty_make_modes: ospeed 9600
debug2: tty_make_modes: ispeed 0
debug2: tty_make_modes: 1 3
debug2: tty_make_modes: 2 28
debug2: tty_make_modes: 3 127
debug2: tty_make_modes: 4 21
debug2: tty_make_modes: 5 4
debug2: tty_make_modes: 6 0
debug2: tty_make_modes: 7 0
debug2: tty_make_modes: 8 17
debug2: tty_make_modes: 9 19
debug2: tty_make_modes: 10 26
debug2: tty_make_modes: 11 25
debug2: tty_make_modes: 12 18
debug2: tty_make_modes: 13 23
debug2: tty_make_modes: 14 22
debug2: tty_make_modes: 16 0
debug2: tty_make_modes: 18 15
debug2: tty_make_modes: 30 0
debug2: tty_make_modes: 31 0
debug2: tty_make_modes: 32 0
debug2: tty_make_modes: 33 0
debug2: tty_make_modes: 34 0
debug2: tty_make_modes: 35 0
debug2: tty_make_modes: 36 1
debug2: tty_make_modes: 37 0
debug2: tty_make_modes: 38 1
debug2: tty_make_modes: 39 0
debug2: tty_make_modes: 40 0
debug2: tty_make_modes: 41 0
debug2: tty_make_modes: 50 1
debug2: tty_make_modes: 51 1
debug2: tty_make_modes: 52 0
debug2: tty_make_modes: 53 1
debug2: tty_make_modes: 54 1
debug2: tty_make_modes: 55 1
debug2: tty_make_modes: 56 0
debug2: tty_make_modes: 57 0
debug2: tty_make_modes: 58 0
debug2: tty_make_modes: 59 1
debug2: tty_make_modes: 60 1
debug2: tty_make_modes: 61 1
debug2: tty_make_modes: 62 0
debug2: tty_make_modes: 70 1
debug2: tty_make_modes: 71 0
debug2: tty_make_modes: 72 1
debug2: tty_make_modes: 73 0
debug2: tty_make_modes: 74 0
debug2: tty_make_modes: 75 0
debug2: tty_make_modes: 90 1
debug2: tty_make_modes: 91 1
debug2: tty_make_modes: 92 1
debug2: tty_make_modes: 93 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: channel request 0: shell
debug2: callback done
debug1: channel 0: open confirm rwindow 0 rmax 16384
debug2: channel 0: rcvd adjust 32768
Environment:
TZ=US/Eastern
SSH_CLIENT=192.168.91.91 41852 22
SSH_TTY=/dev/pts/1
TERM=xterm
DISPLAY=ratbert:11.0
Last login: Mon Jul 2 15:48:26 from l7
Sun Microsystems Inc. SunOS 5.8 Generic February 2000
1 ratbert(jrippas) % xterm
debug1: client_input_channel_open: ctype x11 rchan 3 win 4096 max 2048
debug1: client_request_x11: request from 192.168.90.30 47841
debug1: fd 9 setting O_NONBLOCK
debug1: fd 9 IS O_NONBLOCK
debug1: channel 1: new [x11]
debug1: confirm x11
debug1: X11 connection uses different authentication protocol.
debug1: X11 rejected 1 i1/o16
debug1: channel 1: read failed
debug1: channel 1: input open -> drain
debug1: channel 1: close_read
debug1: channel 1: input: no drain shortcut
debug1: channel 1: ibuf empty
debug1: channel 1: input drain -> closed
debug1: channel 1: send eof
debug1: channel 1: write failed
debug1: channel 1: output open -> closed
debug1: channel 1: close_write
debug1: X11 closed 1 i8/o128
debug1: channel 1: send close
debug1: channel 1: rcvd close
debug1: channel 1: is dead
debug1: channel_free: channel 1: status: The following connections are
open:
#0 client-session (t4 r0 i1/0 o16/0 fd 6/7)
#1 x11 (t7 r3 i8/0 o128/0 fd 9/9)
X connection to ratbert:11.0 broken (explicit kill or server shutdown).
Server:
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: read PEM private key done: type RSA
debug1: private host key: #2 type 1 RSA
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.91.91 port 41852
debug1: Client protocol version 2.0; client software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: list_hostkey_types: ssh-dss,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 122/256
debug1: bits set: 1020/2049
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1007/2049
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user jrippas service ssh-connection method
none
debug1: attempt 0 failures 0
Failed none for jrippas from 192.168.91.91 port 41852 ssh2
debug1: userauth-request for user jrippas service ssh-connection method
publickey
debug1: attempt 1 failures 1
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 1676/121 (e=0)
debug1: matching key found: file /home/jrippas/.ssh/authorized_keys2,
line 1
debug1: restore_uid
Postponed publickey for jrippas from 192.168.91.91 port 41852 ssh2
debug1: userauth-request for user jrippas service ssh-connection method
publickey
debug1: attempt 2 failures 1
debug1: temporarily_use_uid: 1676/121 (e=0)
debug1: matching key found: file /home/jrippas/.ssh/authorized_keys2,
line 1
debug1: restore_uid
debug1: ssh_rsa_verify: signature correct
Accepted publickey for jrippas from 192.168.91.91 port 41852 ssh2
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 32768 max
16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 channel 0 request pty-req
reply 0
debug1: session_pty_req: session 0 alloc /dev/pts/1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 channel 0 request x11-req
reply 0
debug1: Received request for X11 forwarding with auth spoofing.
debug1: bind port 6010: Address already in use
debug1: fd 10 setting O_NONBLOCK
debug1: fd 10 IS O_NONBLOCK
debug1: channel 1: new [X11 inet listener]
debug1: fd 11 setting O_NONBLOCK
debug1: fd 11 IS O_NONBLOCK
debug1: channel 2: new [X11 inet listener]
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 channel 0 request shell
reply 0
debug1: fd 9 setting O_NONBLOCK
debug1: fd 8 IS O_NONBLOCK
debug1: X11 connection requested.
debug1: fd 13 IS O_NONBLOCK
debug1: fd 13 IS O_NONBLOCK
debug1: channel 3: new [X11 connection from 192.168.90.30 port 47841]
debug1: channel 3: open confirm rwindow 32768 rmax 2048
debug1: channel 3: rcvd eof
debug1: channel 3: output open -> drain
debug1: channel 3: rcvd close
debug1: channel 3: input open -> closed
debug1: channel 3: close_read
debug1: channel 3: obuf empty
debug1: channel 3: output drain -> closed
debug1: channel 3: close_write
debug1: channel 3: send close
debug1: channel 3: is dead
debug1: channel_free: channel 3: status: The following connections are
open:
#0 server-session (t4 r0 i1/0 o16/0 fd 9/8)
#3 X11 connection from 192.168.90.30 47841 (t4 r1 i8/0 o128/0 fd
13/13)
debug1: channel 0: read<=0 rfd 9 len 0
debug1: channel 0: read failed
debug1: channel 0: input open -> drain
debug1: channel 0: close_read
debug1: channel 0: input: no drain shortcut
debug1: channel 0: ibuf empty
debug1: channel 0: input drain -> closed
debug1: channel 0: send eof
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 17966
debug1: session_exit_message: session 0 channel 0 pid 17966
debug1: session_exit_message: release channel 0
debug1: channel 0: write failed
debug1: channel 0: output open -> closed
debug1: channel 0: close_write
debug1: session_pty_cleanup: session 0 release /dev/pts/1
debug1: session_free: session 0 pid 17966
debug1: channel 0: send close
debug1: channel 0: rcvd close
debug1: channel 0: is dead
debug1: channel_free: channel 0: status: The following connections are
open:
#0 server-session (t4 r0 i8/0 o128/0 fd -1/-1)
Connection closed by remote host.
debug1: channel_free: channel 1: status: The following connections are
open:
debug1: channel_free: channel 2: status: The following connections are
open:
-------------- next part --------------
---------------------------------------------------------
This e-mail contains information some or all of which may be
confidential, proprietary and/or legally privileged. If an addressing
or transmission error has misdirected this e-mail, please notify the
sender by replying to this e-mail. If you are not the intended
recipient you must not use, disclose, distribute, copy, print or rely on
this e-mail.
---------------------------------------------------------
More information about the openssh-unix-dev
mailing list