From owner-freebsd-questions@freebsd.org Wed May 9 14:35:47 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 30DEAFBE825 for ; Wed, 9 May 2018 14:35:47 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "inet08.hamilton.harte-lyne.ca", Issuer "CA_HLL_ISSUER_2016" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B00E773379 for ; Wed, 9 May 2018 14:35:46 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id AC9B26248D; Wed, 9 May 2018 10:35:45 -0400 (EDT) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from inet08.hamilton.harte-lyne.ca ([127.0.0.1]) by localhost (inet08.hamilton.harte-lyne.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SbiciAx2aNBF; Wed, 9 May 2018 10:35:37 -0400 (EDT) Received: from webmail.harte-lyne.ca (inet04.hamilton.harte-lyne.ca [216.185.71.24]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTPSA id 06BCF61EA8; Wed, 9 May 2018 10:35:35 -0400 (EDT) Received: from 216.185.71.44 (SquirrelMail authenticated user byrnejb_hll) by webmail.harte-lyne.ca with HTTP; Wed, 9 May 2018 10:35:36 -0400 Message-ID: In-Reply-To: References: Date: Wed, 9 May 2018 10:35:36 -0400 Subject: Re: ssh -X remote does not work due to problem with xauth From: "James B. Byrne" To: "Matthias Apitz" Cc: freebsd-questions@freebsd.org Reply-To: byrnejb@harte-lyne.ca User-Agent: SquirrelMail/1.4.22-5.el6 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 May 2018 14:35:47 -0000 On Wed, May 9, 2018 06:47, Matthias Apitz wrote: > > When I launch 'ssh -X remote host' to get X11 forwarded to my > workstation > this does not work, i.e. does not produce a DISPLAY env on the remote > host and says: > > $ ssh -X apitzm@srap16dxr1 > Warning: untrusted X11 forwarding setup failed: xauth key data not > generated > Last login: Wed May 9 12:37:17 2018 from 10.49.8.33 > apitzm@srap16dxr1:~> > > I digged into it with -vv options for ssh and trussing the client. It > seems it's > our end causing the problem: > > $ uname -a > FreeBSD r314251-amd64 12.0-CURRENT FreeBSD 12.0-CURRENT #0 r314251: > Sat Feb 25 17:14:40 CET 2017 > root@r303343-amd64:/usr/obj/usr/src/sys/GENERIC amd64 > > $ truss -s128 -f -o ssh.tr ssh -X -vv apitzm@srap16dxr1 > $ grep -i xauth ssh.tr > xauth.txt > > 20544: stat("/usr/local/bin/xauth",{ mode=-rwxr-xr-x > ,inode=2820147,size=41056,blksize=32768 }) = 0 (0x0) > 20544: write(2,"debug2: client_x11_get_proto: /usr/local/bin/xauth -f > /tmp/ssh-zfFpkwHgD1qj/xauthfile generate :0 MIT-MAGIC-COOKIE-1 > untrusted t"...,153) = 153 (0x99) > 20545: execve("/usr/local/bin/xauth",0x801459260,0x801459408) = 0 > (0x0) > 20545: stat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",0x7fffffffdc40) ERR#2 > 'No such file or directory' > 20545: > openat(AT_FDCWD,"/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",O_WRONLY|O_CREAT|O_EXCL,0600) > = 3 (0x3) > 20545: pathconf("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",_PC_LINK_MAX) = > 32767 (0x7fff) > 20545: > link("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c","/tmp/ssh-zfFpkwHgD1qj/xauthfile-l") > = 0 (0x0) > 20545: access("/tmp/ssh-zfFpkwHgD1qj/xauthfile",F_OK) ERR#2 'No such > file or directory' > 20545: open("/tmp/ssh-zfFpkwHgD1qj/xauthfile",O_RDONLY,0666) ERR#2 'No > such file or directory' > 20545: access("/tmp/ssh-zfFpkwHgD1qj/xauthfile",F_OK) ERR#2 'No such > file or directory' > 20545: write(2,"/usr/local/bin/xauth: file > /tmp/ssh-zfFpkwHgD1qj/xauthfile does not exist\n",75) = 75 (0x4b) > 20545: access("/tmp/kde-guru/xauth-1001-_0",R_OK) = 0 (0x0) > 20545: open("/tmp/kde-guru/xauth-1001-_0",O_RDONLY,0666) = 4 (0x4) > 20545: write(2,"/usr/local/bin/xauth: (argv):1: ",33) = 33 (0x21) > 20545: lstat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",{ mode=-rw------- > ,inode=8331,size=0,blksize=32768 }) = 0 (0x0) > 20545: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c") = 0 (0x0) > 20545: lstat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-l",{ mode=-rw------- > ,inode=8331,size=0,blksize=32768 }) = 0 (0x0) > 20545: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile-l") = 0 (0x0) > 20544: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile") ERR#2 'No such file > or directory' > 20544: write(2,"Warning: untrusted X11 forwarding setup failed: xauth > key data not generated\r\n",78) = 78 (0x4e) > > Any ideas? > > Thanks > > matthias You need the xauth pkg installed on the remote to generate the .Xauthority file for the ssh session. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3