From owner-freebsd-stable Wed Jun 28 22:25:44 2000 Delivered-To: freebsd-stable@freebsd.org Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by hub.freebsd.org (Postfix) with ESMTP id 13F7B37BB72 for ; Wed, 28 Jun 2000 22:25:39 -0700 (PDT) (envelope-from faber@lunabase.org) Received: from praxis.lunabase.org ([63.200.244.110]) by mta5.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0FWW00JICHO82B@mta5.snfc21.pbi.net> for stable@freebsd.org; Wed, 28 Jun 2000 22:24:09 -0700 (PDT) Received: from praxis.lunabase.org (localhost [127.0.0.1]) by praxis.lunabase.org (8.9.3/8.9.3) with ESMTP id WAA00780 for ; Wed, 28 Jun 2000 22:22:44 -0700 X-URL: http://www.lunabase.org/~faber Date: Wed, 28 Jun 2000 22:22:44 -0700 From: Ted Faber Subject: OpenSSH X11 forwarding fails(!?) To: stable@freebsd.org Message-id: <200006290522.WAA00780@praxis.lunabase.org> Organization: My Secret Broadcast Base on the Moon X-Mailer: exmh version 2.1.1 10/15/1999 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-Type: text/plain; charset=us-ascii I'm running 4.0-STABLE as of a few days ago and I wanted to move from the ssh-1.2.27 port over to the OpenSSH in the main tree. It seems to me that X11 connection forwarding is hosed. I've tried it with several configurations, and had no luck. I did an ssh from my host to my host and tried to start an xterm from the secure login - failure. The same procedure works fine with the ssh-1.2.27 port. I've also tried remote machines running ssh-1.2.26 and 1.2.27 and seen the same error. A script from the client follows (with extraneous stuff from my .profile deleted). Anyone else seeing this problem? Any hope of a fix from the OpenSSL folks? I'm happy to try patches or provide more debugging information. Script started on Wed Jun 28 21:50:39 2000 78praxis:~$ ssh -v praxis SSH Version OpenSSH-2.1, protocol versions 1.5/2.0. Compiled with SSL (0x00904100). debug: Reading configuration data /etc/ssh/ssh_config debug: Applying options for * debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to praxis.lunabase.org [63.200.244.110] port 22. debug: Allocated local port 1015. debug: Connection established. debug: Remote protocol version 1.5, remote software version OpenSSH-2.1 debug: Local version string SSH-1.5-OpenSSH-2.1 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Host 'praxis.lunabase.org' is known and matches the RSA host key. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: Trying RSA authentication via agent with 'faber@newbox.lunabase.org' debug: Received RSA challenge from server. debug: Sending response to RSA challenge. debug: Remote: RSA authentication accepted. debug: RSA authentication accepted by server. debug: Requesting pty. debug: Requesting X11 forwarding with authentication spoofing. debug: Requesting authentication agent forwarding. debug: Requesting shell. debug: Entering interactive session. Last login: Wed Jun 28 21:49:56 2000 from praxis.lunabase. Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.0-STABLE (PRAXIS) #8: Sat Jun 24 14:55:27 PDT 2000 Welcome to FreeBSD! You will find security advisories and updated errata information for all releases at http://www.FreeBSD.ORG/releases/ Before asking for technical assistance: 1. Consult the ERRATA section for your release at the URL above. 2. Search the Handbook, FAQ, and mail archives at http://www.FreeBSD.ORG/search.html. If the doc distribution is installed on this machine, you will also find the formatted FAQ and Handbook documents in /usr/share/doc/ 3. If you still have a question or problem, collect the output of `uname -a' along with error messages from whatever part of the system you are having problems with and email it as a question to the questions@FreeBSD.ORG mailing list. You may also use `/stand/sysinstall' to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. [snip] 78praxis:~$ xterm debug: Received X11 open request. debug: fd 5 setting O_NONBLOCK debug: channel 0: new [X11 connection from praxis.lunabase.org port 1037] debug: X11 auth data does not match fake data. debug: X11 rejected 0 i1/o16 debug: channel 0: read failed debug: channel 0: input open -> drain debug: channel 0: close_read debug: channel 0: input: no drain shortcut debug: channel 0: ibuf empty debug: channel 0: input drain -> wait_oclose debug: channel 0: send ieof debug: channel 0: write failed debug: channel 0: output open -> wait_ieof debug: channel 0: send oclose debug: channel 0: close_write debug: X11 closed 0 i4/o64 debug: channel 0: rcvd ieof debug: channel 0: non-open channel 0: istate 4 != open channel 0: ostate 64 != open debug: channel 0: rcvd oclose debug: channel 0: input wait_oclose -> closed X connection to praxis.lunabase.org:10.0 broken (explicit kill or server shutdown). praxis:~$ exit logout Connection to praxis.lunabase.org closed. debug: Transferred: stdin 27, stdout 2598, stderr 43 bytes in 8.7 seconds debug: Bytes per second: stdin 3.1, stdout 297.2, stderr 4.9 debug: Exit status 1 praxis:~$ exit exit Script done on Wed Jun 28 21:50:55 2000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (FreeBSD) Comment: Exmh version 2.1.1 10/15/1999 iD8DBQE5Wt0jaUz3f+Zf+XsRAoPtAKC/aYbV07mRuU4vw03urS9LwtXkIACgpmpP T4jR2CtQl+hs8cujXSwlQDE= =JUNF -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message