Date: Fri, 31 Dec 1999 14:27:08 +0000 From: Ben Smithurst <ben@scientia.demon.co.uk> To: questions@freebsd.org Cc: green@freebsd.org Subject: openssh X11 forwarding Message-ID: <19991231142708.A6111@strontium.scientia.demon.co.uk>
next in thread | raw e-mail | index | archive | help
[ I've cc'd this to green@freebsd.org (openssh port maintainer) because it does work normally with "normal" ssh (rather than openssh) on the server (client version doesn't seem to matter). ] can someone please tell me just what the hell I'm doing wrong here? X11 forwarding with ssh doesn't seem to want to work reliably. For example, take the simple command "ssh magnesium xterm". Sometimes it will work, SSH Version OpenSSH-1.2, protocol version 1.5. Compiled with SSL. debug: Reading configuration data /usr/local/etc/ssh_config debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to magnesium.scientia.demon.co.uk [192.168.91.34] port 22. debug: Allocated local port 887. debug: Connection established. debug: Remote protocol version 1.5, remote software version OpenSSH-1.2 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Host 'magnesium.scientia.demon.co.uk' is known and matches the host key. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: Trying rhosts or /etc/hosts.equiv with RSA host authentication. debug: Remote: Accepted for strontium.scientia.demon.co.uk [192.168.91.36] by /etc/hosts.equiv. debug: Received RSA challenge for host key from server. debug: Sending response to host key RSA challenge. debug: Remote: Rhosts with RSA host authentication accepted. debug: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server. debug: Requesting X11 forwarding with authentication spoofing. debug: Requesting authentication agent forwarding. debug: Sending command: xterm debug: Entering interactive session. Environment: USER=ben LOGNAME=ben HOME=/usr/home/ben PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin MAIL=/var/mail/ben SHELL=/usr/local/bin/zsh SSH_CLIENT=192.168.91.36 887 22 DISPLAY=magnesium.scientia.demon.co.uk:15.0 XAUTHORITY=/tmp/Xauthui3585 SSH_AUTH_SOCK=/tmp/ssh-eEii3585/agent.3585 Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:15.0 MIT-MAGIC-COOKIE-1 09c8728e995cf1d139a0aa73250db292 debug: Received X11 open request. debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1392] debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF] debug: channel 0: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE] debug: channel 0: shutdown_write debug: channel 0: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed] debug: channel 0: shutdown_read debug: channel 0: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF] Waiting for forwarded connections to terminate... The following connections are open: #2 X11 connection from magnesium.scientia.demon.co.uk port 1392 (t4 r0 i4 o16) debug: channel 0: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE] debug: channel 0: closing debug: Transferred: stdin 0, stdout 611, stderr 0 bytes in 3.4 seconds debug: Bytes per second: stdin 0.0, stdout 179.7, stderr 0.0 debug: Exit status 0 that's all well and good, but sometimes it won't: (diffs from previous output to highlight what's changed - not much) --- ssh-debug1 Fri Dec 31 01:15:47 1999 +++ ssh-debug2 Fri Dec 31 01:16:14 1999 @@ -3,7 +3,7 @@ debug: Reading configuration data /usr/local/etc/ssh_config debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to magnesium.scientia.demon.co.uk [192.168.91.34] port 22. -debug: Allocated local port 890. +debug: Allocated local port 887. debug: Connection established. debug: Remote protocol version 1.5, remote software version OpenSSH-1.2 debug: Waiting for server public key. @@ -30,27 +30,24 @@ PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin MAIL=/var/mail/ben SHELL=/usr/local/bin/zsh - SSH_CLIENT=192.168.91.36 890 22 - DISPLAY=magnesium.scientia.demon.co.uk:12.0 - XAUTHORITY=/tmp/XauthdO3573 - SSH_AUTH_SOCK=/tmp/ssh-VHxs3573/agent.3573 -Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:12.0 MIT-MAGIC-COOKIE-1 e9dfd1d3ca4abbcfc633c06777e4c3b0 + SSH_CLIENT=192.168.91.36 887 22 + DISPLAY=magnesium.scientia.demon.co.uk:15.0 + XAUTHORITY=/tmp/Xauthui3585 + SSH_AUTH_SOCK=/tmp/ssh-eEii3585/agent.3585 +Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:15.0 MIT-MAGIC-COOKIE-1 09c8728e995cf1d139a0aa73250db292 debug: Received X11 open request. -debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1389] -debug: X11 connection uses different authentication protocol. -X11 connection rejected because of wrong authentication. - -debug: X11 rejected 0 i1/o16 +debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1392] +debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF] +debug: channel 0: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE] +debug: channel 0: shutdown_write debug: channel 0: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed] debug: channel 0: shutdown_read -debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_IEOF [write failed] -debug: channel 0: shutdown_write -debug: X11 rejected 0 i2/o64 debug: channel 0: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF] -debug: channel 0: OUTPUT_WAIT_IEOF -> OUTPUT_CLOSED [rvcd IEOF] +Waiting for forwarded connections to terminate... +The following connections are open: + #2 X11 connection from magnesium.scientia.demon.co.uk port 1392 (t4 r0 i4 o16) debug: channel 0: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE] debug: channel 0: closing -X connection to magnesium.scientia.demon.co.uk:12.0 broken (explicit kill or server shutdown). -debug: Transferred: stdin 0, stdout 537, stderr 0 bytes in 0.1 seconds -debug: Bytes per second: stdin 0.0, stdout 6233.2, stderr 0.0 -debug: Exit status 1 +debug: Transferred: stdin 0, stdout 611, stderr 0 bytes in 3.4 seconds +debug: Bytes per second: stdin 0.0, stdout 179.7, stderr 0.0 +debug: Exit status 0 Have I done something really stupid to make this happen? Since capturing the above output, I've upgraded to OpenSSH-1.2.1 (the latest port) and that hasn't helped, and I've got XFree86-3.3.5 compiled myself from the port. What is the "different authentication protocol" that the X11 connection uses that ssh doesn't like? Is there some configuration file I've screwed up? (I just tried with ssh (not openssh) on the client and the error was: X11 connection uses different authentication protocol: 'MIT-MAGIC-COOKIE-1' vs. '', which is a bit more helpful than openssh's message, but still doesn't help me much.) I've tried a few other things, and nothing has helped so far. -- Ben Smithurst | PGP: 0x99392F7D ben@scientia.demon.co.uk | key available from keyservers and | ben+pgp@scientia.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991231142708.A6111>