Status of Bugzilla #1153
Darren Tucker
dtucker at zip.com.au
Wed Feb 22 09:56:49 EST 2006
Simon Vallet wrote:
> On Wed, Feb 22, 2006 at 07:22:15AM +1100, Darren Tucker wrote:
>>> And this is were the problem appears : as xauth credentials
>>> are set using the FQDN of the external interface of the gateway, any
>>> internal X11 client will be denied access to the forwarded X11 server.
>> This seems to be an argument for mimicking what xauth does.
>
> Actually, this is not ;-) -- it's simply an explanation of what we see here
The fundamental problem is that $DISPLAY and the cookie in .Xauthority
don't match, right?
Also, while your patch works for your typical case, does X11 work if you
ssh from the inside to the bastion host? (You'll get your internal
address in $DISPLAY but FQDN in .Xauthority, right? Xlib might fudge it
to work, though.)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list