Hi Nader, I agree, stay away from xhost.
I see from your debug output below that your ssh server is OpenSSH 4.2 and not the default Sun_SSH_1.0.1 that comes with Solaris 9. Are you sure you are looking at the right config file for sshd? Check your sshd process to see where it is started from: # ps -eo pid,comm,args | grep sshd If the output indicates that the sshd is /usr/lib/ssh/sshd then your config file in the expected /etc/ssh/sshd_config If the output indicates that sshd is in /usr/local/sbin/sshd, then your config file might very well be located in /usr/local/etc/sshd_config. Check this out... François -----Nader Amadeu <[EMAIL PROTECTED]> wrote: ----- To: [email protected] From: Nader Amadeu <[EMAIL PROTECTED]> Date: 04/19/2006 12:31PM Subject: Re: X11 tuneling: a hard to fix problem Hi François, yes i have the options below in my /etc/ssh/sshd_config AllowTcpForwarding yes GatewayPorts yes I ran out of ideas where could be the problem... Thanks anyway and i still apreciate some tips. I dont want to use xhost because of security problems. nader > You need to also have this line in the sshd_config: > AllowTcpForwarding yes > > François > > -----Nader Amadeu <[EMAIL PROTECTED]> wrote: ----- > > I have a remote Solaris 9 with the following options in > /etc/ssh/sshd_config: > X11Forwarding yes > X11DisplayOffset 10 > ForwardX11Trusted yes > > Then I ssh it from my local desktop: (only most important lines here) > > [localdesktop]% ssh -vvv -XY [EMAIL PROTECTED] > OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004 > debug1: Reading configuration data /etc/ssh/ssh_config > debug2: ssh_connect: needpriv 0 > debug1: Connecting to remoteserver [ip.address.here] port 22. > debug1: Connection established. > debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2 > debug1: match: OpenSSH_4.2 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903 > debug2: fd 3 setting O_NONBLOCK > debug1: Authentication succeeded (publickey). > debug1: channel 0: new [client-session] > debug3: ssh_session2_open: channel_new: 0 > debug2: channel 0: send open > debug1: Entering interactive session. > debug2: callback start > debug2: x11_get_proto: /usr/X11R6/bin/xauth list :0.0 . 2>/dev/null > debug1: Requesting X11 forwarding with authentication spoofing. > debug2: channel 0: request x11-req confirm 0 > debug2: client_session2_setup: id 0 > debug2: channel 0: request pty-req confirm 0 > debug2: channel 0: request shell confirm 0 > debug2: fd 3 setting TCP_NODELAY > debug2: callback done > debug2: channel 0: open confirm rwindow 0 rmax 32768 > debug2: channel 0: rcvd adjust 131072 > > Now in the remoteserver: > > [EMAIL PROTECTED] % echo $DISPLAY > DISPLAY: Undefined variable > [EMAIL PROTECTED] % netstat -a > remoteserver.ssh localdesktop.51899 66608 47 66608 0 > ESTABLISHED > > Even if i setenv DISPLAY to localhost:10, 11, 12 ... it does not work. > And from this netstat output I cannot find the X11 tuneling channel. > In another attempt below I have the following different debug messages: > > > [localdesktop]% ssh -vvv -o "ForwardX11Trusted no" [EMAIL PROTECTED] > debug2: x11_get_proto: /usr/X11R6/bin/xauth -f > /tmp/ssh-9xszkw26hB/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted > timeout 1200 2>/dev/null > debug2: x11_get_proto: /usr/X11R6/bin/xauth -f > /tmp/ssh-9xszkw26hB/xauthfile list :0.0 . 2>/dev/null > debug1: Requesting X11 forwarding with authentication spoofing. > debug2: channel 0: request x11-req confirm 0 > > > and again DISPLAY is an undefined variable. > Could anyone help me to get this X11 tunelling work? > Thanks all very much,
