FreeBSD Mail Archives

Date:      Fri, 31 Dec 1999 14:27:08 +0000
From:      Ben Smithurst <ben@scientia.demon.co.uk>
To:        questions@freebsd.org
Cc:        green@freebsd.org
Subject:   openssh X11 forwarding
Message-ID:  <19991231142708.A6111@strontium.scientia.demon.co.uk>

next in thread | raw e-mail | index | archive | help

[ I've cc'd this to green@freebsd.org (openssh port maintainer) because
it does work normally with "normal" ssh (rather than openssh) on the
server (client version doesn't seem to matter). ]

can someone please tell me just what the hell I'm doing wrong here? X11
forwarding with ssh doesn't seem to want to work reliably. For example,
take the simple command "ssh magnesium xterm".  Sometimes it will work,

SSH Version OpenSSH-1.2, protocol version 1.5.
Compiled with SSL.
debug: Reading configuration data /usr/local/etc/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to magnesium.scientia.demon.co.uk [192.168.91.34] port 22.
debug: Allocated local port 887.
debug: Connection established.
debug: Remote protocol version 1.5, remote software version OpenSSH-1.2
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'magnesium.scientia.demon.co.uk' is known and matches the host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug: Remote: Accepted for strontium.scientia.demon.co.uk [192.168.91.36] by /etc/hosts.equiv.
debug: Received RSA challenge for host key from server.
debug: Sending response to host key RSA challenge.
debug: Remote: Rhosts with RSA host authentication accepted.
debug: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.
debug: Requesting X11 forwarding with authentication spoofing.
debug: Requesting authentication agent forwarding.
debug: Sending command: xterm
debug: Entering interactive session.
Environment:
  USER=ben
  LOGNAME=ben
  HOME=/usr/home/ben
  PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
  MAIL=/var/mail/ben
  SHELL=/usr/local/bin/zsh
  SSH_CLIENT=192.168.91.36 887 22
  DISPLAY=magnesium.scientia.demon.co.uk:15.0
  XAUTHORITY=/tmp/Xauthui3585
  SSH_AUTH_SOCK=/tmp/ssh-eEii3585/agent.3585
Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:15.0 MIT-MAGIC-COOKIE-1 09c8728e995cf1d139a0aa73250db292
debug: Received X11 open request.
debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1392]
debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF]
debug: channel 0: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE]
debug: channel 0: shutdown_write
debug: channel 0: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed]
debug: channel 0: shutdown_read
debug: channel 0: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF]
Waiting for forwarded connections to terminate...
The following connections are open:
  #2 X11 connection from magnesium.scientia.demon.co.uk port 1392 (t4 r0 i4 o16)
debug: channel 0: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE]
debug: channel 0: closing
debug: Transferred: stdin 0, stdout 611, stderr 0 bytes in 3.4 seconds
debug: Bytes per second: stdin 0.0, stdout 179.7, stderr 0.0
debug: Exit status 0

that's all well and good, but sometimes it won't: (diffs from previous
output to highlight what's changed - not much)

--- ssh-debug1	Fri Dec 31 01:15:47 1999
+++ ssh-debug2	Fri Dec 31 01:16:14 1999
@@ -3,7 +3,7 @@
 debug: Reading configuration data /usr/local/etc/ssh_config
 debug: ssh_connect: getuid 0 geteuid 0 anon 0
 debug: Connecting to magnesium.scientia.demon.co.uk [192.168.91.34] port 22.
-debug: Allocated local port 890.
+debug: Allocated local port 887.
 debug: Connection established.
 debug: Remote protocol version 1.5, remote software version OpenSSH-1.2
 debug: Waiting for server public key.
@@ -30,27 +30,24 @@
   PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
   MAIL=/var/mail/ben
   SHELL=/usr/local/bin/zsh
-  SSH_CLIENT=192.168.91.36 890 22
-  DISPLAY=magnesium.scientia.demon.co.uk:12.0
-  XAUTHORITY=/tmp/XauthdO3573
-  SSH_AUTH_SOCK=/tmp/ssh-VHxs3573/agent.3573
-Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:12.0 MIT-MAGIC-COOKIE-1 e9dfd1d3ca4abbcfc633c06777e4c3b0
+  SSH_CLIENT=192.168.91.36 887 22
+  DISPLAY=magnesium.scientia.demon.co.uk:15.0
+  XAUTHORITY=/tmp/Xauthui3585
+  SSH_AUTH_SOCK=/tmp/ssh-eEii3585/agent.3585
+Running /usr/X11R6/bin/xauth add magnesium.scientia.demon.co.uk:15.0 MIT-MAGIC-COOKIE-1 09c8728e995cf1d139a0aa73250db292
 debug: Received X11 open request.
-debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1389]
-debug: X11 connection uses different authentication protocol.
-X11 connection rejected because of wrong authentication.
-
-debug: X11 rejected 0 i1/o16
+debug: channel 0: new [X11 connection from magnesium.scientia.demon.co.uk port 1392]
+debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF]
+debug: channel 0: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE]
+debug: channel 0: shutdown_write
 debug: channel 0: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed]
 debug: channel 0: shutdown_read
-debug: channel 0: OUTPUT_OPEN -> OUTPUT_WAIT_IEOF [write failed]
-debug: channel 0: shutdown_write
-debug: X11 rejected 0 i2/o64
 debug: channel 0: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF]
-debug: channel 0: OUTPUT_WAIT_IEOF -> OUTPUT_CLOSED [rvcd IEOF]
+Waiting for forwarded connections to terminate...
+The following connections are open:
+  #2 X11 connection from magnesium.scientia.demon.co.uk port 1392 (t4 r0 i4 o16)
 debug: channel 0: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE]
 debug: channel 0: closing
-X connection to magnesium.scientia.demon.co.uk:12.0 broken (explicit kill or server shutdown).
-debug: Transferred: stdin 0, stdout 537, stderr 0 bytes in 0.1 seconds
-debug: Bytes per second: stdin 0.0, stdout 6233.2, stderr 0.0
-debug: Exit status 1
+debug: Transferred: stdin 0, stdout 611, stderr 0 bytes in 3.4 seconds
+debug: Bytes per second: stdin 0.0, stdout 179.7, stderr 0.0
+debug: Exit status 0

Have I done something really stupid to make this happen? Since capturing
the above output, I've upgraded to OpenSSH-1.2.1 (the latest port) and
that hasn't helped, and I've got XFree86-3.3.5 compiled myself from
the port. What is the "different authentication protocol" that the X11
connection uses that ssh doesn't like? Is there some configuration
file I've screwed up? (I just tried with ssh (not openssh) on the
client and the error was: X11 connection uses different authentication
protocol: 'MIT-MAGIC-COOKIE-1' vs. '', which is a bit more helpful than
openssh's message, but still doesn't help me much.)

I've tried a few other things, and nothing has helped so far.

-- 
Ben Smithurst            | PGP: 0x99392F7D
ben@scientia.demon.co.uk |   key available from keyservers and
                         |   ben+pgp@scientia.demon.co.uk


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991231142708.A6111>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation