Security Update from MAC breaks ssh -X
Darren Tucker
dtucker at zip.com.au
Tue Mar 20 09:25:49 EST 2007
Starr Hazard wrote:
> Folks,
>
> This morning I downloaded and installed a security update for my MAC G5. I
> am running MAC OSX 10.3.9.
And that replaced which version of OpenSSH with which newer version of
OpenSSH?
> Friday March 16 I was able to
>
> ssh -X me at targetcpu
>
> and launch my application
>
> this morning March 19 I get this error:
>
> X Error of failed request: BadAtom (invalid Atom parameter)
> Major opcode of failed request: 20 (X_GetProperty)
> Atom id in failed request: 0x25
> Serial number of failed request: 309
> Current serial number in output stream: 309
From http://www.openssh.com/faq.html#3.13
[quote]
3.13 - I upgraded to OpenSSH 3.8 and some X11 programs stopped working.
As documented in the 3.8 release notes, ssh will now use untrusted X11
cookies by default. The previous behaviour can be restored by setting
ForwardX11Trusted yes in ssh_config.
Possible symptoms include:
BadWindow (invalid Window parameter)
BadAccess (attempt to access private resource denied)
X Error of failed request: BadAtom (invalid Atom parameter)
Major opcode of failed request: 20 (X_GetProperty)
[/quote]
> I can get an xclock window to open but the GUI for my application is not
> able to launch.
>
> I can work around this by setting xhost on the mac, ssh to remote
> machine, setenv DISPLAY and launching the application.
>
> Can you suggest some reasons why this current fix broke my
>
> ssh -X trick?
This has been the default for years, I don't know why you're only seeing
problems now (unless Apple used to change the default in their packages
and now don't?)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list