From owner-freebsd-jail@FreeBSD.ORG Fri Mar 21 19:33:59 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2A851F6C for ; Fri, 21 Mar 2014 19:33:59 +0000 (UTC) Received: from chkenon.earlham.edu (chkenon.earlham.edu [159.28.1.87]) by mx1.freebsd.org (Postfix) with ESMTP id ECBF38FF for ; Fri, 21 Mar 2014 19:33:58 +0000 (UTC) X-ASG-Debug-ID: 1395429418-079a1f4fe3c9aa0001-dVRlEP Received: from sunstone.earlham.edu (sunstone.earlham.edu [159.28.3.91]) by chkenon.earlham.edu with ESMTP id zAJv3X2nUxsTW0P5 for ; Fri, 21 Mar 2014 15:16:58 -0400 (EDT) X-Barracuda-Envelope-From: schulra@earlham.edu X-Barracuda-Apparent-Source-IP: 159.28.3.91 Received: from tdream.lly.earlham.edu (tdream.lly.earlham.edu [159.28.7.241]) by sunstone.earlham.edu (Postfix) with ESMTP id 5D908171D53E for ; Fri, 21 Mar 2014 15:16:58 -0400 (EDT) Date: Fri, 21 Mar 2014 15:16:58 -0400 (EDT) From: Randy Schultz X-X-Sender: schulra@localhost To: freebsd-jail@freebsd.org Subject: jails and X forwarding Message-ID: X-ASG-Orig-Subj: jails and X forwarding User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Barracuda-Connect: sunstone.earlham.edu[159.28.3.91] X-Barracuda-Start-Time: 1395429418 X-Barracuda-URL: http://159.28.1.87:8000/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at earlham.edu X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=1000.0 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.4128 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 19:33:59 -0000 Hiya, I am trying to allow a jail to do X forwarding ala ssh -Y, but seem to be missing something. I have narrowed it down to something with the jail, having successfully done this with non-jails. IOW, sshd_config has "X11Forwarding yes" etc. The system is fbsd 9.2-STABLE. The jail is set up using ezjail. I have tweaked various jail sysctl settings in case there was something there I was missing. I disabled the firewall rules to removed potential interference from that angle. All to no avail. I keep getting ye olde xclock X11 connection rejected because of wrong authentication. Error: Can't open display: localhost:10.0 What am I missing? -- Randy (schulra@earlham.edu) 765.983.1283 <*> Hatred does not cease by hatred, but only by love; this is the eternal rule. - Siddhartha Gautama