I have installed openssh-2.1.1p2, including the server and client
package on two linux boxex one with RH6.1
and one with RH6.2, but I have server problems with X11 forwarding,
which I have explicitely enabled in
the sshd_config and ssh_config files on both machines.
It appears as if the remote machine is not able to do the xauth.
The DISPLAY is correctly set but the .Xauthority does not contain the
relative string! See below for a detailed verbose session
When I use ssh -v from one to the other this is what I get
dftpc6:~> ssh -v dftpc5
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 204 geteuid 0 anon 0
debug: Connecting to dftpc5.ts.infn.it [140.105.31.157] port 22.
debug: Seeding random number generator
debug: Allocated local port 728.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version
OpenSSH_2.1.1
debug: Local version string SSH-1.5-OpenSSH_2.1.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'dftpc5.ts.infn.it' is known and matches the RSA host key.
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug: Remote: Accepted by .shosts.
debug: Received RSA challenge for host key from server.
debug: Sending response to host key RSA challenge.
debug: Remote: Rhosts with RSA host authentication accepted.
debug: Rhosts or /etc/hosts.equiv with RSA host authentication accepted
by server.
debug: Requesting pty.
debug: Requesting X11 forwarding with authentication spoofing.
debug: Requesting shell.
debug: Entering interactive session.
Last login: Mon Jul 10 17:15:25 2000 from axpts2.ts.infn.it
dftpc5:~>
When I try a X application I get
dftpc5:~> /usr/X11R6/bin/xterm
debug: Received X11 open request.
debug: fd 4 setting O_NONBLOCK
debug: channel 0: new [X11 connection from dftpc5.ts.infn.it port 1214]
debug: X11 connection uses different authentication protocol.
debug: X11 rejected 0 i1/o16
debug: channel 0: read failed
debug: channel 0: input open -> drain
debug: channel 0: close_read
debug: channel 0: input: no drain shortcut
debug: channel 0: ibuf empty
debug: channel 0: input drain -> wait_oclose
debug: channel 0: send ieof
debug: channel 0: write failed
debug: channel 0: output open -> wait_ieof
debug: channel 0: send oclose
debug: channel 0: close_write
debug: X11 closed 0 i4/o64
debug: channel 0: rcvd ieof
debug: channel 0: non-open
channel 0: istate 4 != open
channel 0: ostate 64 != open
debug: channel 0: rcvd oclose
debug: channel 0: input wait_oclose -> closed
X connection to dftpc5.ts.infn.it:10.0 broken (explicit kill or server
shutdown)
dftpc5:~> env |grep DISPLAY
DISPLAY=dftpc5.ts.infn.it:10.0
dftpc5:~> xauth list
xauth: creating new authority file /home/senatore/.Xauthority
But in fact the .Xauthority remains empty.
Before openssh I had ssh and everything was working fine, so I believe
my X setup should be fine.
I also attach the sshd_config and ssh_config file, which are identical
on thetwo machines.
--
Gaetano Senatore - DFT, Strada Costiera 11, I-34014 Trieste
[EMAIL PROTECTED] - tel: +39 040 2240278 - fax: +39 040 224601
# This is ssh server systemwide configuration file.
Port 22
#Protocol 2,1
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication yes
#
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
CheckMail no
UseLogin no
#Subsystem sftp /usr/local/sbin/sftpd
# This is ssh client systemwide configuration file. This file provides
# defaults for users, and the values can be changed in per-user configuration
# files or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent yes
# ForwardX11 yes
# RhostsAuthentication yes
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# PasswordAuthentication yes
# FallBackToRsh yes
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking no
# IdentityFile ~/.ssh/identity
# Port 22
# Protocol 2,1
# Cipher 3des
# EscapeChar ~
# Be paranoid by default
Host *
ForwardAgent yes
ForwardX11 yes
FallBackToRsh no
begin:vcard
n:Senatore;Gaetano
tel;fax:+39040224601
tel;work:+390402240278
x-mozilla-html:FALSE
org:Università di Trieste e INFM;Dipartimento di Fisica Teorica
adr:;;Strada Costiera 11;Trieste;;I-34014;Italy
version:2.1
email;internet:[EMAIL PROTECTED]
title:Prof
fn:Gaetano Senatore
end:vcard
