X11forwarding yes: how to debug/setup after xauth fix

Michael Felt michael at felt.demon.nl
Wed Oct 4 20:59:34 AEDT 2017

On 04/10/2017 11:28, Michael Felt wrote:
> Looking further: How can I see what is failing? Can I add a character 
> to the whitelist (once I know what is rejected)?
> imho: the cure may be worse than the illness if this means my X11 
> sessions are either "clear" or impossible - as they are not in the SSH 
> (encrypted) tunnel.

My apologies - it seems I may have been 'days' too late, and the 
discussions about this are not (yet) spotted by the search engines - as, 
I see yesterday there was a new release - and the change notes may 
already provide some "debug" info...

From: https://www.openssh.com/releasenotes.html, Changes since OpenSSH-7.5 ...

  * sshd(8): add ExposeAuthInfo option that enables writing details of
    the authentication methods used (including public keys where
    applicable) to a file that is exposed via a $SSH_USER_AUTH
    environment variable in the subsequent session.

Still have to think a bit about how this is to be setup...

Many thanks for your patience.

More information about the openssh-unix-dev mailing list