Date: Wed, 13 Dec 2000 10:00:05 -0800 (PST) From: David Malone <dwmalone@maths.tcd.ie> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/23523: sshd creates empty X11 auth cookies file when ~/.ssh/rc exists Message-ID: <200012131800.eBDI05c95486@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/23523; it has been noted by GNATS. From: David Malone <dwmalone@maths.tcd.ie> To: peter@mutsaers.com Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: bin/23523: sshd creates empty X11 auth cookies file when ~/.ssh/rc exists Date: Wed, 13 Dec 2000 17:56:36 +0000 On Wed, Dec 13, 2000 at 07:50:47AM -0800, peter@mutsaers.com wrote: > Login from a ssh client with -v -X (X11 connection forwarding). > Opening X11 clients won't work because of "different authentication" protocols, error caused by the invalid (empty) cookies file. This is the (rather weird) documented behavior of these rc files see sshd(8). The xauth info is passed on stdin and then it's the rc script's job to deal with it. We do the following in /etc/ssh/sshrc: #!/bin/sh PATH="/usr/X11R6/bin:$PATH" if [ -n "$DISPLAY" ] && read proto cookie; then echo add $DISPLAY $proto $cookie | xauth -q - if [ -n "$XAUTHORITY" ] ; then sshauthorityfile="$XAUTHORITY" unset XAUTHORITY xauth merge "$sshauthorityfile" fi fi This writes the cookie into the xauth file in people's home directories, which we expect for our local setup. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012131800.eBDI05c95486>