Date: Thu, 4 May 2017 23:45:14 -0400 From: Chuck McCrobie <mccrobie2000@gmail.com> To: freebsd-x11@freebsd.org Subject: X11 Forwarding Not Working Message-ID: <e12c81bc-c070-bc1c-dba4-43c43086c740@gmail.com>
next in thread | raw e-mail | index | archive | help
Not sure if this is the correct mailing list. I've attempted to include all relevant information. Synopsis ------------ Attempting to ssh -X fedora23 freebsd11-stable. I get usr/local/bin/xauth: (stdin):1: bad display name "unix:10.0" in "remove" command /usr/local/bin/xauth: (stdin):2: bad display name "unix:10.0" in "add" command ----- FreeBSD ----- $ echo $DISPLAY localhost:10.0 $ konsole X11 connection rejected because of wrong authentication. Segmentation fault (core dumped) ----------- /etc/rc.conf ---------- ifconfig_em0="DHCP" vboxguest_enable="YES" vboxservice_enable="YES" dbus_enable="YES" hald_enable="YES" kdm4_enable="YES" sshd_enable="NO" openssh_enable="YES" ----------- /usr/local/etc/ssh/sshd_config ---------- default as installed by pkg add openssh-portable # $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH= # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. # Note that some of FreeBSD's defaults differ from OpenBSD's, and # FreeBSD has a few additional options. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /usr/local/etc/ssh/ssh_host_rsa_key #HostKey /usr/local/etc/ssh/ssh_host_dsa_key #HostKey /usr/local/etc/ssh/ssh_host_ecdsa_key #HostKey /usr/local/etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /usr/local/etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # Change to yes to enable built-in password authentication. #PasswordAuthentication no #PermitEmptyPasswords no # Change to no to disable PAM authentication #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes # Set this to 'no' to disable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. #UsePAM yes #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum FreeBSD-openssh-portable-7.5.p1,1 # no default banner path #Banner none # override default of no subsystems Subsystem sftp /usr/local/libexec/sftp-server # the following are HPN related configuration options # tcp receive buffer polling. disable in non autotuning kernels #TcpRcvBufPoll yes # disable hpn performance boosts #HPNDisabled no # buffer size for hpn to non-hpn connections #HPNBufferSize 2048 # allow the use of the none cipher #NoneEnabled no # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server ---------- pkg info openssh-portable --------- pkg info openssh-portable openssh-portable-7.5.p1,1 Name : openssh-portable Version : 7.5.p1,1 Installed on : Fri May 5 01:30:06 2017 UTC Origin : security/openssh-portable Architecture : FreeBSD:11:amd64 ---------- .XAuthority ---------- EMPTY ------ uname -a on Linux ------ Linux gti-no6.my.domain 4.8.12-100.fc23.x86_64 #1 SMP Fri Dec 2 17:52:27 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux ------ uname -r on FreeBSD ----- 11.0-STABLE ------ ssh -v -X me@192.168.2.179 ------ (192.168.2.179 is the FreeBSD 11-STABLE machine) ssh -v -X me@192.168.2.179 OpenSSH_7.2p2, OpenSSL 1.0.2j-fips 26 Sep 2016 debug1: Reading configuration data /home/xxx/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 58: Applying options for * debug1: Connecting to 192.168.2.179 [192.168.2.179] port 22. debug1: Connection established. debug1: identity file /home/xxx/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/xxx/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.5-hpn14v5 FreeBSD-openssh-portable-7.5.p1,1 debug1: match: OpenSSH_7.5-hpn14v5 FreeBSD-openssh-portable-7.5.p1,1 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 192.168.2.179:22 as 'me' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: curve25519-sha256@libssh.org need=64 dh_need=64 debug1: kex: curve25519-sha256@libssh.org need=64 dh_need=64 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:nGH5+5gHLLkPxS1JF/ccT9dI9KiplE72Y6YJMwMZD8Y debug1: Host '192.168.2.179' is known and matches the ECDSA host key. debug1: Found key in /home/xxx/.ssh/known_hosts:71 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/xxx/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /home/xxx/.ssh/id_dsa debug1: Trying private key: /home/xxx/.ssh/id_ecdsa debug1: Trying private key: /home/xxx/.ssh/id_ed25519 debug1: Next authentication method: keyboard-interactive Password for me@: debug1: Authentication succeeded (keyboard-interactive). Authenticated to 192.168.2.179 ([192.168.2.179]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: exec debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: Requesting X11 forwarding with authentication spoofing. debug1: Sending environment. debug1: Sending env XMODIFIERS = @im=none debug1: Sending env LANG = en_US.UTF-8 debug1: Sending env LANGUAGE = Last login: Fri May 5 03:15:53 2017 from 192.168.2.237 FreeBSD 11.0-STABLE (GENERIC) #0 r317153: Thu Apr 20 05:43:02 UTC 2017 Welcome to FreeBSD! Release Notes, Errata: https://www.FreeBSD.org/releases/ Security Advisories: https://www.FreeBSD.org/security/ FreeBSD Handbook: https://www.FreeBSD.org/handbook/ FreeBSD FAQ: https://www.FreeBSD.org/faq/ Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/ FreeBSD Forums: https://forums.FreeBSD.org/ Documents installed with the system are in the /usr/local/share/doc/freebsd/ directory, or can be installed later with: pkg install en-freebsd-doc For other languages, replace "en" with a language code like de or fr. Show the version of FreeBSD installed: freebsd-version ; uname -a Please include that output and any error messages when posting questions. Introduction to manual pages: man man FreeBSD directory layout: man hier Edit /etc/motd to change this login announcement. /usr/local/bin/xauth: file /home/me/.Xauthority does not exist /usr/local/bin/xauth: (stdin):1: bad display name "unix:10.0" in "remove" command /usr/local/bin/xauth: (stdin):2: bad display name "unix:10.0" in "add" command You can automatically download and install binary packages by doing pkg install <package> This will also automatically install the packages that are dependencies for the package you install (ie, the packages it needs in order to work.) ---------- pkg info xauth ---------- pkg info xauth xauth-1.0.10 Name : xauth Version : 1.0.10 Installed on : Fri May 5 02:20:59 2017 UTC Origin : x11/xauth Architecture : FreeBSD:11:amd64 --------- Linux (source system) /etc/ssh/ssh_config ---------- Host * GSSAPIAuthentication yes # If this option is set to yes then remote X11 clients will have full access # to the original X11 display. As virtually no X11 client supports the untrusted # mode correctly we set this to yes. ForwardX11 yes ForwardX11Trusted yes # Send locale-related environment variables SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE SendEnv XMODIFIERS ---------- on FreeBSD ---------- host gti-no6.my.domain gti-no6.my.domain has address 192.168.2.237 ---------- on FreeBSD --------- more /etc/resolv.conf # Generated by resolvconf search my.domain nameserver 192.168.2.1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e12c81bc-c070-bc1c-dba4-43c43086c740>