From owner-freebsd-questions@FreeBSD.ORG Sat Jan 19 20:12:26 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BBD216A494 for ; Sat, 19 Jan 2008 20:12:26 +0000 (UTC) (envelope-from russo@bogodyn.org) Received: from mx1a.swcp.com (mx1a.swcp.com [216.184.2.64]) by mx1.freebsd.org (Postfix) with ESMTP id DBCC313C448 for ; Sat, 19 Jan 2008 20:12:25 +0000 (UTC) (envelope-from russo@bogodyn.org) Received: from ame3.swcp.com (ame3.swcp.com [216.184.2.120]) by mx1a.swcp.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id m0JK0Hn0027890 for ; Sat, 19 Jan 2008 13:00:18 -0700 Received: from bogodyn.org (mail.bogodyn.org [69.49.164.40]) by ame3.swcp.com (8.14.1/8.13.6) with ESMTP id m0JK0En8015589 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 13:00:14 -0700 (MST) (envelope-from russo@bogodyn.org) Received: from bogodyn.org (localhost [127.0.0.1]) by bogodyn.org (8.14.1/8.14.1) with ESMTP id m0JK0AFZ048492; Sat, 19 Jan 2008 13:00:10 -0700 (MST) (envelope-from russo@bogodyn.org) Received: (from russo@localhost) by bogodyn.org (8.14.1/8.14.1/Submit) id m0JK0Adh048491; Sat, 19 Jan 2008 13:00:10 -0700 (MST) (envelope-from russo) Date: Sat, 19 Jan 2008 13:00:10 -0700 From: Tom Russo To: freebsd-questions@freebsd.org Message-ID: <20080119200010.GA48420@bogodyn.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Organization: International Institute for Advanced Quantum Bogodynamical Studies User-Agent: Mutt/1.5.17 (2007-11-01) X-Spam-Status: No, hits=-1.4 required=10.0 tests=ALL_TRUSTED autolearn=no version=3.2.3 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on ame3.swcp.com X-Scanned-By: MIMEDefang 2.63 on 216.184.2.127 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (ame3.swcp.com [216.184.2.127]); Sat, 19 Jan 2008 13:00:15 -0700 (MST) X-Virus-Scanned: ClamAV 0.91.2/5497/Sat Jan 19 10:22:49 2008 on ame3.swcp.com X-Virus-Status: Clean X-Spam-Level: Subject: X Forwarding problems since upgrading to 6-Stable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: russo@bogodyn.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jan 2008 20:12:26 -0000 I have three BSD machines running 6-Stable, all of them only recently upgraded from 5-STABLE. Ever since the upgrades, I cannot get remote hosts to which I've ssh'd to connect to the tunneled X server. For example: hostb> ssh -X hostA hosta> echo $DISPLAY localhost:10.0 hosta> xev Xlib: connection to "localhost:10.0" refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key xev: unable to open display 'localhost:10.0' hosta> exit hostb> ssh -Y hostA hosta> echo $DISPLAY localhost:10.0 hosta> xev Xlib: connection to "localhost:10.0" refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key xev: unable to open display 'localhost:10.0' If hosta is not a FreeBSD machine, the *OPPOSITE* attempt works fine. For example, if hosta is my linux laptop: hosta> ssh -X hostb hostb> echo $$DISPLAY localhost:10.0 hostb> xev [... xev starts up just fine and displays on the laptop...] But if the machine from which I'm sshing is one of my 6-stable BSD machines, it never works. All the 6-stable machines are running the latest ports, as I keep my ports tree csup'd and portupgrade regularly. I've googled the issue and the only thing I ever find is people answering "you should use -Y instead of -X to enable 'trusted' forwarding." This clearly doesn't work for me, either. Since I am not seeing tons of recent references to this all over the net, I am pretty much concluding that I must have some kind of configuration mistake on my BSD machines' X or ssh setups, but I don't immediately see one. I thought I left my sshd config pretty much as it was out of the box, but perhaps I screwed something up. Can anyone suggest a place to start looking for the error? -- Tom Russo KM5VY SAR502 DM64ux http://www.swcp.com/~russo/ Tijeras, NM QRPL#1592 K2#398 SOC#236 AHTB#1 http://kevan.org/brain.cgi?DDTNM "And, isn't sanity really just a one-trick pony anyway? I mean all you get is one trick, rational thinking, but when you're good and crazy, oooh, oooh, oooh, the sky is the limit!" --- The Tick