ssh -X remote does not work due to problem with xauth
Christoph Moench-Tegeder
cmt at burggraben.net
Thu May 10 19:25:25 UTC 2018
## Matthias Apitz (guru at unixarea.de):
> I'm facing a problem with running from FreeBSD 'ssh -X remote host'. The
> remotre server is a recent SLES Linux system. This thread started in
> freebsd-questions@ and I now move it to here as it seems more a problem
> of the Xorg server than a ssh problem of the base system.
As the ssh manpage tells us, X11 forwarding with "-X" is subject to
the X11 SECURITY extension controls. For the whole X11 SECURITY stuff,
the doc entry point is
https://www.x.org/wiki/Development/Documentation/Security/ , but in
a hash - "... SECURITY, which provides support for a simple
trusted/untrusted connection model. Untrusted clients are restricted...".
What you want in most cases is a "trusted" connection, which you'll
get by using "ssh -Y" (or by using ForwardX11Trusted in ssh config).
Once you know about the SECURITY extension, this is entirely
expected...
Use xdpyinfo to find out about active X11 extensions: on my systems,
the FreeBSD system with fairly minimal X11 configuration does not
have SECURITY active (so using "ssh -X" from Linux to FreeBSD works
out fine), but the Linux (Debian) system with a similarily minimal
xorg.conf has SECURITY enabled: I need "ssh -Y" from FreeBSD to Linux.
I haven't yet checked what causes these differing defaults.
Regards,
Christoph
--
Spare Space
More information about the freebsd-x11
mailing list