You need to also have this line in the sshd_config: AllowTcpForwarding yes
François -----Nader Amadeu <[EMAIL PROTECTED]> wrote: ----- To: [email protected] From: Nader Amadeu <[EMAIL PROTECTED]> Date: 04/18/2006 08:24AM Subject: X11 tuneling: a hard to fix problem Hi all, I've googled for more than a week trying to fix this SSH X11 tuneling problem. I appreciate some help and thank you in advance. I have a remote Solaris 9 with the following options in /etc/ssh/sshd_config: X11Forwarding yes X11DisplayOffset 10 ForwardX11Trusted yes Then I ssh it from my local desktop: (only most important lines here) [localdesktop]% ssh -vvv -XY [EMAIL PROTECTED] OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to remoteserver [ip.address.here] port 22. debug1: Connection established. debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903 debug2: fd 3 setting O_NONBLOCK debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: x11_get_proto: /usr/X11R6/bin/xauth list :0.0 . 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 0 debug2: channel 0: request shell confirm 0 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel 0: rcvd adjust 131072 Now in the remoteserver: [EMAIL PROTECTED] % echo $DISPLAY DISPLAY: Undefined variable [EMAIL PROTECTED] % netstat -a remoteserver.ssh localdesktop.51899 66608 47 66608 0 ESTABLISHED Even if i setenv DISPLAY to localhost:10, 11, 12 ... it does not work. And from this netstat output I cannot find the X11 tuneling channel. In another attempt below I have the following different debug messages: [localdesktop]% ssh -vvv -o "ForwardX11Trusted no" [EMAIL PROTECTED] debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-9xszkw26hB/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-9xszkw26hB/xauthfile list :0.0 . 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug2: channel 0: request x11-req confirm 0 and again DISPLAY is an undefined variable. Could anyone help me to get this X11 tunelling work? Thanks all very much, nader
