Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 28 Jul 2002 07:23:57 -0700
From:      Peter Hunt <hunt@IPRG.nokia.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   Auth problem when tunnelling X11 over ssh
Message-ID:  <3D43FE7D.F476CEBC@iprg.nokia.com>
next in thread | raw e-mail | index | archive | help 
I'm having trouble forwarding X11 over an ssh connection between a remote
4.3-RELEASE server and my local desktop (also 4.3-RELEASE).

The server used to be a 3.4-RELEASE system, and my configuration worked
without any problems. Since upgrading the server to 4.3-RELEASE, however,
X authentication fails consistently over ssh.

I have ForwardX11 set to "yes" in my config file, and after I slogin
to the remote server, I see the extra X11 ports open in LISTEN state.
eg.:

Proto Recv-Q Send-Q  Local Address          Foreign Address       (state)
tcp4       0      0  *.6011                 *.*                   LISTEN
tcp46      0      0  *.6011                 *.*                   LISTEN

My DISPLAY variable is set to the correct value (eg.server.domain.com:11.0).

However, when I start an xterm, I get the following (verbose) messages:

debug: client_input_channel_open: ctype x11 rchan 3 win 4096 max 2048
debug: fd 12 setting O_NONBLOCK
debug: fd 12 IS O_NONBLOCK
debug: channel 6: new [x11]
debug: confirm x11
debug: X11 auth data does not match fake data.
debug: X11 rejected 6 i1/o16

I have the following entries in the .Xauthority files on both machines.

On my desktop:

desktop.domain.com:0    MIT-MAGIC-COOKIE-1      <key>
desktop.domain.com/unix:0       MIT-MAGIC-COOKIE-1      <key>

On the remote server:

server.domain.com:11    MIT-MAGIC-COOKIE-1      <key>
server.domain.com/unix:11       MIT-MAGIC-COOKIE-1      <key>

The value of <key> in all the entries above is the same. I have similar
entries for display 10, 12, 13 ... on the server, in case I get a
different display; the ssh server is shared.

I've tried connecting using IPv4 only, and forcing sshv2, but I got the
same error message. Trying to use xhost (as a last resort) resulted in
an authentication mismatch error.

The ssh version on both ends is:

SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions
1.5/2.0. Compiled with SSL (0x0090600f).

My desktop X server is XFree86 4.002, if that makes a difference.

Any information, suggestions or dope slaps welcome.

Peter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D43FE7D.F476CEBC>