Date: Wed, 9 Jun 1999 22:20:15 -0400 (EDT) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: dwhite@resnet.uoregon.edu (Doug White) Cc: cjclark@home.com, freebsd-questions@FreeBSD.ORG Subject: Re: SSH X Forwarding Message-ID: <199906100220.WAA08126@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <Pine.BSF.4.03.9906091703400.3005-100000@resnet.uoregon.edu> from Doug White at "Jun 9, 99 05:04:52 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Doug White wrote, > On Wed, 9 Jun 1999, Crist J. Clark wrote: > > The first time this occured, the machine in question had 'xlock' > > running, and I wondered if this was preventing X connections (which > > does not seem like proper behavior, but this is one of the few things > > about this machine that is different from the others I connect to > > successfully). However, now, with no xlock, there are the same errors. > > > > The sshd server in question is running on 3.1-STABLE and was built > > from the ports. > > Perhaps a tcpdump is in order? Maybe the remote is blocking X requests > from non-local hosts. Well, the machine I was having problems with earlier _is_ local (on the same wire, I assume that is what you mean). But I did the dump just now from a remote machine... I'm not sure what exactly to make of it. The machines talk a bit when the connetion is made. Then, I give an 'xterm' command, and tcpdump shows, 22:06:00.155784 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 756:776(20) ack 1352 win 17520 (DF) [tos 0x10] 22:06:00.334199 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1352:1372(20) ack 776 win 17520 (DF) [tos 0x10] 22:06:00.380118 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1372 win 17520 (DF) [tos 0x10] 22:06:00.750710 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 776:796(20) ack 1372 win 17520 (DF) [tos 0x10] 22:06:00.975884 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1372:1392(20) ack 796 win 17520 (DF) [tos 0x10] 22:06:00.980135 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1392 win 17520 (DF) [tos 0x10] 22:06:01.022457 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 796:816(20) ack 1392 win 17520 (DF) [tos 0x10] 22:06:01.130711 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1392:1412(20) ack 816 win 17520 (DF) [tos 0x10] 22:06:01.180135 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1412 win 17520 (DF) [tos 0x10] 22:06:01.182652 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 816:836(20) ack 1412 win 17520 (DF) [tos 0x10] 22:06:01.237078 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 836:856(20) ack 1412 win 17520 (DF) [tos 0x10] 22:06:01.299060 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1412:1432(20) ack 856 win 17520 (DF) [tos 0x10] 22:06:01.314166 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 856:876(20) ack 1432 win 17520 (DF) [tos 0x10] 22:06:01.323674 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1432:1452(20) ack 856 win 17520 (DF) [tos 0x10] 22:06:01.380128 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1452 win 17520 (DF) [tos 0x10] 22:06:01.439768 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1452:1472(20) ack 876 win 17520 (DF) [tos 0x10] 22:06:01.580124 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1472 win 17520 (DF) [tos 0x10] 22:06:02.000272 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: P 876:896(20) ack 1472 win 17520 (DF) [tos 0x10] 22:06:02.114737 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1472:1492(20) ack 896 win 17520 (DF) [tos 0x10] 22:06:02.180143 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1492 win 17520 (DF) [tos 0x10] 22:07:17.116835 pc222.mydomain.com.ssh > mypc.myhome.com.1010: P 1492:1632(140) ack 896 win 17520 (DF) [tos 0x10] 22:07:17.184970 mypc.myhome.com.1010 > pc222.mydomain.com.ssh: . ack 1632 win 17520 (DF) [tos 0x10] Where I believe that final exchange is pc222 passing me the failure message. I'm not exactly sure how I could be more detailed in a tcpdump of a ssh session. After all, everything deeper than what I have shown is encrypted, no? Any more suggestions of what to check would be appreciated. Or a diagnosis of the above that I am missing would be even better. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906100220.WAA08126>