bin/120963: X11 forwarding cannot work
Tateoka Takamichi
tate at cs.uec.ac.jp
Fri Feb 22 07:50:02 UTC 2008
>Number: 120963
>Category: bin
>Synopsis: X11 forwarding cannot work
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 22 07:50:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Tateoka Takamichi
>Release: FreeBSD 6.3-RELEASE i386
>Organization:
University of Electro-Communications
>Environment:
System: FreeBSD gilbert.cs.uec.ac.jp 6.3-RELEASE FreeBSD 6.3-RELEASE #1: Mon Jan 28 16:42:21 JST 2008 tate at gilbert.cs.uec.ac.jp:/usr/obj/usr/src/sys/GENERIC i386
/usr/sbin/sshd
ports/x11/xauth (installed to /usr/local/bin/xauth)
>Description:
sshd cannot find xauth.
because /usr/X11R6/bin/xauth is hard-coded in /usr/bin/sshd.
So, X11Fowarding cannot work.
>How-To-Repeat:
Login from remote host with X11 forwarding like that.
leaf:tate[168]% ssh -v -Y gilbert.cs.uec.ac.jp
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /home/tate/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
[snip]
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Remote: No xauth program; cannot forward with spoofing.
gilbert:tate[1]% echo $DISPLAY
DISPLAY: Undefined variable.
gilbert:tate[2]% which xauth
/usr/local/bin/xauth
gilbert:tate[3]%
We can find /usr/X11R6/bin/xauth is hard-coded like that:
gilbert:tate[2]% strings /usr/sbin/sshd |grep xauth
xauthlocation
maxauthtries
/usr/X11R6/bin/xauth
No xauth program; cannot forward with spoofing.
gilbert:tate[3]%
>Fix:
For workaround, make a symbolic-link from /usr/X11R6 to /usr/local.
set X11BASE to /usr/local in make.conf? I'm not sure.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list