Re: cannot forward X11 after upgrading to openssh-3.8p1

From: Naota Hashimoto (see_at_the.signature)
Date: 05/17/04


Date: Mon, 17 May 2004 17:37:19 GMT

On 2004-05-17, Cameron Kerr <cameron.kerr@paradise.net.nz> wrote:
> Naota Hashimoto <see@the.signature> wrote:
>
>> Hello. On the local Slackware 9.1 box, I am running openssh-3.8p1.
>
>> It's a disaster. echo $DISPLAY shows nothing, and every X11 app
>> that WORKed before no longer works. I adjusted ssh_config and
>> sshd_config so many time, I specify that i want to forward X11 with
>> -X (not -x), and I've RTFM/STFW'd a lot, but I can't forward X11 at
>> all anymore.
>
> What does 'ssh -v -X YOURHOST' tell you?

OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to marijuana [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/rod/.ssh/identity type -1
debug1: identity file /home/rod/.ssh/id_rsa type 1
debug1: identity file /home/rod/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.8p1
debug1: match: OpenSSH_3.8p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'marijuana (127.0.0.1)' can't be established.
RSA key fingerprint is 2c:08:f8:5b:6e:b3:c1:16:a2:0e:ea:3c:7f:ef:63:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'marijuana' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interacti ve
debug1: Next authentication method: publickey
debug1: Trying private key: /home/rod/.ssh/identity
debug1: Offering public key: /home/rod/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interacti ve
debug1: Offering public key: /home/rod/.ssh/id_dsa
debug1: Authentications that can continue: publickey,password,keyboard-interacti ve
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interacti ve
debug1: Next authentication method: password
rod@marijuana's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
Last login: Mon May 17 13:30:17 2004 from neotokyo
Linux 2.4.22.

> A little bit of Googling will show you a solution.
>
> http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-ssh-no-x11forwarding
>
> In short, 3.8 uses a different model for X11 trust. In short, try
> using -Y.
>

I appreciate you replying, but for some reason -Y isn't enabling X11forwarding
on the target box (marijuana). I really thought that article link you gave me
would help, too, because I hadn't tried -Y or X11ForwardTrusted yes yet.

After X11 wouldn't work on the target box, I tried setting $DISPLAY manually,
as the link specified. No luck.

Oddly enough, there's a box on my lan (also slackware 9.1) that couldn't forward
X11, but I didn't really need to with that box, so I left it alone. Just for
an experiment, I tried -Y instead of -X with that box, and it was forwarding
X11 like a pro.

Cameron, if you can do anything helpful with the results of 'ssh -v -X YOURHOST',
I'd be glad.

Naota.

-- 
naSota@tPampabay.rAr.cMom - > (remove 'S P A M')


Relevant Pages

  • Re: sftp -b <batch> refuses to connect
    ... debug1: Reading configuration data /etc/ssh/ssh_config ... Connecting to somesite port 22. ... Remote protocol version 2.0, ... debug1: Next authentication method: publickey ...
    (Fedora)
  • Re: ssh fron windows to Linux m/c without password
    ... debug1: Connecting to llpfbuild port 22. ... debug1: Next authentication method: keyboard-interactive ... Sent from the SSH mailing list archive at Nabble.com. ...
    (SSH)
  • ssh fron windows to Linux m/c without password
    ... debug1: Connecting to llpfbuild port 22. ... debug1: Next authentication method: keyboard-interactive ... Sent from the SSH mailing list archive at Nabble.com. ...
    (SSH)
  • Re: Unable to use sftp with root account
    ... debug1: Connecting to localhost port 22. ... debug1: Next authentication method: publickey ... debug1: Sending subsystem: sftp ...
    (Debian-User)
  • Re: ssh cannot login
    ... debug1: expecting SSH2_MSG_NEWKEYS ... debug1: Next authentication method: keyboard-interactive ... debug3: mm_request_send entering: type 48 ... debug3: mm_request_receive_expect entering: type 49 ...
    (Debian-User)