From owner-freebsd-ports Fri May 4 20:50:10 2001 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id E935537B424 for ; Fri, 4 May 2001 20:50:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f453o1b43019; Fri, 4 May 2001 20:50:01 -0700 (PDT) (envelope-from gnats) Received: from iss-p1.lbl.gov (iss-p1.lbl.gov [131.243.2.47]) by hub.freebsd.org (Postfix) with ESMTP id C01A437B423 for ; Fri, 4 May 2001 20:49:07 -0700 (PDT) (envelope-from jin@iss-p1.lbl.gov) Received: (from jin@localhost) by iss-p1.lbl.gov (8.11.3/8.11.3) id f453n6c00943; Fri, 4 May 2001 20:49:06 -0700 (PDT) (envelope-from jin) Message-Id: <200105050349.f453n6c00943@iss-p1.lbl.gov> Date: Fri, 4 May 2001 20:49:06 -0700 (PDT) From: Jin Guojun (DSD staff) Reply-To: j_guojun@lbl.gov To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: ports/27086: OpenSSH does not set X11 forwarding Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 27086 >Category: ports >Synopsis: OpenSSH does not set X11 forwarding >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri May 04 20:50:01 PDT 2001 >Closed-Date: >Last-Modified: >Originator: >Release: FreeBSD 4.3-RELEASE i386 >Organization: >Environment: System: FreeBSD iss-p1.lbl.gov 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Wed May 2 11:12:43 PDT 2001 root@iss-p1.lbl.gov:/usr/src/sys/compile/MinMax i386 OpenSSH client >Description: This is ssh client and sshd support to do: X11 and TCP forwarding If the user is using X11 (the DISPLAY environment variable is set), the connection to the X11 display can be forwarded to the remote side in such a way that any X11 programs started from the shell (or command) will go through the encrypted channel, and the connection to the real X server will be made from the local machine. The user should not manually set DISPLAY. Forwarding of X11 connections weakens the security of ssh and is disabled by default. X11 forwarding can be enabled on the command line or in configuration files. The DISPLAY value set by ssh will point to the server machine, but with a display number greater than zero. This is normal, and happens because ssh creates a ``proxy'' X server on the server machine for forwarding the connections over the encrypted channel. --- But when Open SSH client connects to a sshd (any, including Open sshd), the DISPLAY will not set up correctly (see below). >How-To-Repeat: # wrong X11 forwarding OpenSSH % ssh anySSHD-host anySSHD-host% printenv DISPLAY OpenSSH # correct X11 forwarding NormalSSH % ssh anySSHD-host anySSHD-host% printenv DISPLAY NormalSSH:11.0 >Fix: Do not know. It seems that OpenSSH client dose not provide correct tunneling info. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message