Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 01 Aug 2006 20:59:05 -0700
From:      Micah <micahjon@ywave.com>
To:        "Chad Leigh -- Shire.Net LLC" <chad@shire.net>
Cc:        FreeBSD Questions <questions@freebsd.org>
Subject:   Re: X11+ssh+jail
Message-ID:  <44D02309.5070300@ywave.com>
In-Reply-To: <61130535-366F-4E26-BCD2-2EB31386EB5C@shire.net>
References:  <44CFE745.1000206@ywave.com> <974320D7-3E87-4D57-9A79-BD3ED46D1B0C@shire.net> <44D01AC3.5050705@ywave.com> <61130535-366F-4E26-BCD2-2EB31386EB5C@shire.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
Chad Leigh -- Shire.Net LLC wrote:
> 
> On Aug 1, 2006, at 9:23 PM, Micah wrote:
> 
>>
>> Nope I didn't su, I just ssh'd in as a regular user and immediately 
>> tried xclock. I also tried ssh'ing in as root to see if it's a perms 
>> problem, but root gets the same error. Maybe I've got a configuration 
>> error somewhere? ezjail mounts much of the file system ro, maybe 
>> that's causing a problem?
>>
> 
> Again, I am not an expert, but make sure you have an .Xauthority file in 
> the login dir root of the account you are logging in to and that it has 
> a creation or modification date at the same time you logged in (to make 
> sure that you really are getting it set).
> 
> Chad

Thanks for the idea, here's a test run:

test% ll .Xauthority
-rw-------  1 bsdmjl  bsdmjl   112B Aug  1 20:51 .Xauthority
test% rm .Xauthority
test% exit
logout
Connection to 10.0.0.1 closed.
trisha% ssh -X 10.0.0.1
Password:
Last login: Tue Aug  1 20:51:33 2006 from 10.0.0.1
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
         The Regents of the University of California.  All rights reserved.

FreeBSD 6.1-RELEASE-p3 (TRISHA) #1: Sat Jul 15 15:48:17 PDT 2006

Welcome to FreeBSD!

/usr/X11R6/bin/xauth:  creating new authority file /home/bsdmjl/.Xauthority
test% ll .Xauthority
-rw-------  1 bsdmjl  bsdmjl   112B Aug  1 20:51 .Xauthority
test% xclock
X11 connection rejected because of wrong authentication.
X connection to test:10.0 broken (explicit kill or server shutdown).

I'll keep looking....

Thanks,
Micah

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44D02309.5070300>