You should upgrade to Openssh 2.9p2. Openssh 2.5.2 has a lot of
problems. I don't know if the one your are experiencing is because of
that version but with the number of problems that have been experienced
with 2.5.2 I would upgrade anyway.
--
Dan Fayette
Senior Network Engineer
USTRANSCOM / J6-TE (Test and Engineering)
NCI Information Systems Inc.
Phone: 618.229.1817
DSN : 779.1817
Toby Blake wrote:
>
> Hi all,
>
> We've recently upgraded to OpenSSH_2.5.2p2 from SSH Version 1.2.26. One
> thing I have noticed that no longer works correctly is x-forwarding when
> combined with the nsu program (for anyone who doesn't know, nsu creates
> a new shell with the uid and gid of the specified user).
>
> I can see why this doesn't work under OpenSSH - the X-forwarding sets up
> the proxy X authorization key in a file, e.g. /tmp/ssh-VJBn1482/cookies,
> on the remote machine. Both the cookies file and the directory above it
> have read-write permission for the user only. This means that when you
> use nsu to change your uid and gid, the shell subsequently has no
> permissions to view the proxy x authorization details in this file and
> you see this error:
>
> host% nsu webadmin
> XauLockAuth timeout: /tmp/ssh-VJBn1482/cookies
> host% whoami
> webadmin
> host%
>
> As I've said, I can see why this doesn't work, but I'm curious to know
> if anyone has come up with a solution to this, so that we can use
> x-forwarding along with nsu.
>
> Thanks in advance for any help.
>
> Toby Blake
> University of Edinburgh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
