From owner-freebsd-questions@freebsd.org Wed May 9 14:50:35 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA2F1FBEF94 for ; Wed, 9 May 2018 14:50:34 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from smh-06.1blu.de (smh-06.1blu.de [178.254.0.206]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8912C76420 for ; Wed, 9 May 2018 14:50:34 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from [172.16.29.5] (helo=sh4-5.1blu.de) by smh-06.1blu.de with esmtp (Exim 4.86_2) (envelope-from ) id 1fGQQK-00040c-Ea for freebsd-questions@freebsd.org; Wed, 09 May 2018 16:50:32 +0200 Received: from ftp51246-2575596 by sh4-5.1blu.de with local (Exim 4.86_2) (envelope-from ) id 1fGQQK-0008Jn-Ci for freebsd-questions@freebsd.org; Wed, 09 May 2018 16:50:32 +0200 Date: Wed, 9 May 2018 16:50:32 +0200 From: Matthias Apitz To: freebsd-questions@freebsd.org Subject: Re: ssh -X remote does not work due to problem with xauth Message-ID: <20180509145032.GA30959@sh4-5.1blu.de> Reply-To: Matthias Apitz Mail-Followup-To: freebsd-questions@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Operating-System: FreeBSD 12.0-CURRENT r314251 (amd64) X-message-flag: Mails containing HTML will not be read! Please send only plain text. User-Agent: Mutt/1.5.24 (2015-08-30) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 May 2018 14:50:35 -0000 El día Wednesday, May 09, 2018 a las 10:35:36AM -0400, James B. Byrne via freebsd-questions escribió: > > On Wed, May 9, 2018 06:47, Matthias Apitz wrote: > > > > When I launch 'ssh -X remote host' to get X11 forwarded to my > > workstation > > this does not work, i.e. does not produce a DISPLAY env on the remote > > host and says: > > > > $ ssh -X apitzm@srap16dxr1 > > Warning: untrusted X11 forwarding setup failed: xauth key data not > > generated > > Last login: Wed May 9 12:37:17 2018 from 10.49.8.33 > > apitzm@srap16dxr1:~> > > > > I digged into it with -vv options for ssh and trussing the client. It > > seems it's > > our end causing the problem: > > > > $ uname -a > > FreeBSD r314251-amd64 12.0-CURRENT FreeBSD 12.0-CURRENT #0 r314251: > > Sat Feb 25 17:14:40 CET 2017 > > root@r303343-amd64:/usr/obj/usr/src/sys/GENERIC amd64 > > > > $ truss -s128 -f -o ssh.tr ssh -X -vv apitzm@srap16dxr1 > > $ grep -i xauth ssh.tr > xauth.txt > > > > 20544: stat("/usr/local/bin/xauth",{ mode=-rwxr-xr-x > > ,inode=2820147,size=41056,blksize=32768 }) = 0 (0x0) > > 20544: write(2,"debug2: client_x11_get_proto: /usr/local/bin/xauth -f > > /tmp/ssh-zfFpkwHgD1qj/xauthfile generate :0 MIT-MAGIC-COOKIE-1 > > untrusted t"...,153) = 153 (0x99) > > 20545: execve("/usr/local/bin/xauth",0x801459260,0x801459408) = 0 > > (0x0) > > 20545: stat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",0x7fffffffdc40) ERR#2 > > 'No such file or directory' > > 20545: > > openat(AT_FDCWD,"/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",O_WRONLY|O_CREAT|O_EXCL,0600) > > = 3 (0x3) > > 20545: pathconf("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",_PC_LINK_MAX) = > > 32767 (0x7fff) > > 20545: > > link("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c","/tmp/ssh-zfFpkwHgD1qj/xauthfile-l") > > = 0 (0x0) > > 20545: access("/tmp/ssh-zfFpkwHgD1qj/xauthfile",F_OK) ERR#2 'No such > > file or directory' > > 20545: open("/tmp/ssh-zfFpkwHgD1qj/xauthfile",O_RDONLY,0666) ERR#2 'No > > such file or directory' > > 20545: access("/tmp/ssh-zfFpkwHgD1qj/xauthfile",F_OK) ERR#2 'No such > > file or directory' > > 20545: write(2,"/usr/local/bin/xauth: file > > /tmp/ssh-zfFpkwHgD1qj/xauthfile does not exist\n",75) = 75 (0x4b) > > 20545: access("/tmp/kde-guru/xauth-1001-_0",R_OK) = 0 (0x0) > > 20545: open("/tmp/kde-guru/xauth-1001-_0",O_RDONLY,0666) = 4 (0x4) > > 20545: write(2,"/usr/local/bin/xauth: (argv):1: ",33) = 33 (0x21) > > 20545: lstat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c",{ mode=-rw------- > > ,inode=8331,size=0,blksize=32768 }) = 0 (0x0) > > 20545: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile-c") = 0 (0x0) > > 20545: lstat("/tmp/ssh-zfFpkwHgD1qj/xauthfile-l",{ mode=-rw------- > > ,inode=8331,size=0,blksize=32768 }) = 0 (0x0) > > 20545: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile-l") = 0 (0x0) > > 20544: unlink("/tmp/ssh-zfFpkwHgD1qj/xauthfile") ERR#2 'No such file > > or directory' > > 20544: write(2,"Warning: untrusted X11 forwarding setup failed: xauth > > key data not generated\r\n",78) = 78 (0x4e) > > > > Any ideas? > > > > Thanks > > > > matthias > > You need the xauth pkg installed on the remote to generate the > .Xauthority file for the ssh session. The RPM is installed on the remote site: apitzm@srap16dxr1:~> rpm -qa | grep xauth xauth-1.0.8-1.51.x86_64 apitzm@srap16dxr1:~> which xauth /usr/bin/xauth apitzm@srap16dxr1:~> but the truss shows that the problem is on the local FreeBSD client site. matthias -- Matthias Apitz, ✉ guru@unixarea.de, ⌂ http://www.unixarea.de/ 📱 +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub