xauth failure when tunneling over ssh
Pollywog
lists-fbsd at shadypond.com
Wed Nov 12 11:00:00 PST 2008
On Wednesday 12 November 2008 18:20:00 Elliot Isaacson wrote:
> > On Wednesday 12 November 2008 15:51:42 Elliot Isaacson wrote:
> > > #UsePAM yes
> > > #AllowTcpForwarding yes
> > > #GatewayPorts no
> > > #X11Forwarding yes
> > > #X11DisplayOffset 10
> > > #X11UseLocalhost yes
> > > #PrintMotd yes
> > > #PrintLastLog yes
> > > #TCPKeepAlive yes
> > > #UseLogin no
> > > #UsePrivilegeSeparation yes
> > > #PermitUserEnvironment no
> > > #Compression delayed
> > > #ClientAliveInterval 0
> > > #ClientAliveCountMax 3
> > > #UseDNS yes
> > > #PidFile /var/run/sshd.pid
> > > #MaxStartups 10
> > > #PermitTunnel no
> >
> > Shouldn't PermitTunnel be set to yes ?
>
> Thanks for the suggestion. PermitTunnel has something to do with
> using a specific software network loopback device, tun(4). I don't
> think it has anything to do with forwarding traffic, X11 or
> otherwise, through an ssh tunnel. Just to be sure I tried switching
> that on, but it didn't seem to help.
>
> This is a reiteration of the problem so no one has to sift though
> the archives to find it:
>
> $ xhost +
>
> $ ssh -Y 192.ip.of.freebsdserver
> Warning: No xauth data; using fake authentication data for X11
> forwarding.
>
> /usr/local/bin/xauth:
>
>
In case you have not done so, you should also check /etc/ssh/ssh_config on the
client machines. I had to add something like this on my client machine which
is Linux:
Host localhost
HostName 127.0.0.1
ForwardAgent yes
ForwardX11 yes
ForwardX11Trusted yes
PubkeyAuthentication yes
PasswordAuthentication yes
Protocol 2
Host *
ForwardAgent no
ForwardX11 no
ForwardX11Trusted yes
XAuthLocation /usr/bin/xauth
If you are using gdm on the server, you might try shutting that down for
testing. I seem to recall having to modify some setting in gdm that had to do
with xauth. I did not make a note of what I did though.
More information about the freebsd-questions
mailing list