Date: Wed, 14 Jul 1999 10:40:46 +1000 From: "Wyatt, Anthony" <Anthony.Wyatt@its.csiro.au> To: "'cjclark@home.com'" <cjclark@home.com> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: RE: SSH X Forwarding Message-ID: <F232EAD3304FD211BD3C00A0C99AFA9F014DB803@hermes.la.csiro.au>
next in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Crist J. Clark [mailto:cjc@cc942873-a.ewndsr1.nj.home.com] > > > > % xterm > > > _X11TransSocketINETConnect: Can't connect: errno = 60 > > > xterm Xt error: Can't open display: pc222:10.0 > > The specific client that I produced the above error on was using NATd, > but (1) the above error is produced when machines not running NATd > hook into its sshd and (2) the machine that I used as a client above > works perfectly well tunneling X through ssh from other machines (both > FreeBSD and IRIX). I think this NATd option is worth looking into. From what I understand (and that is limited at this point) address translation is tied to IP filtering, it can't live alone. Now if that is the case then it is quite possible that you are filtering out something you really shouldn't be. You'll need to recompile your kernel with the IP filtering logging turned on to find out. > The question I have about the packet issues is that since ssh wraps > all of the X interactions (and encypts it to boot), what good does > that tcpdump do? Should I be looking at what ssh[d] does with > the stuff > after it gets it (presumably looking at tcpdumps on the loopback of > the machines?)? If you use TCPDUMP to watch an ethernet port you will see nothing except the ssh connection. This is pointless as you already know the ssh session is up and running. As to tcpdump of the loopback, I've never tried it, so I don't know if you can, and/or if it will be helpful. > > If you still have problems: > > Build a brand new box, install ssh again, config > sshd_config appropriately, > > then try and ssh to this box from itself, and run an X app. > If the same > > error occurs here, try going back to 1.2.26 and try again. > > No way I'm nuking the machine's entire system... I'll nuke it's NT > slice maybe. ;) And the error _did_ occur under 1.2.26 too. I > installed 1.2.27 hoping it would fix, but no luck. If you have a spare box lying around build that, or if you have to, kill NT. Don't turn on the NATd or IP filtering stuff and see how it goes. Anthony To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F232EAD3304FD211BD3C00A0C99AFA9F014DB803>