Bugzilla – Attachment 865 Details for
Bug 1004
X11 forwarding not working with ssh3.9p1 (Error: Can't open display)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
ssh -vvv output after setting complete path to Xauthlocation and restarting sshd
ssh_vvv_31Mar2005.txt (text/plain), 10.83 KB, created by
SS
on 2005-04-01 04:23:46 AEST
(
hide
)
Description:
ssh -vvv output after setting complete path to Xauthlocation and restarting sshd
Filename:
MIME Type:
Creator:
SS
Created:
2005-04-01 04:23:46 AEST
Size:
10.83 KB
patch
obsolete
>[root@xxxxxxxxxxxx root]# ssh -X -vvv 64.xx.x.xxx >OpenSSH_3.9p1, OpenSSL 0.9.6b [engine] 9 Jul 2001 >debug1: Reading configuration data /etc/ssh/ssh_config >debug2: ssh_connect: needpriv 0 >debug1: Connecting to 64.xx.x.xxx [64.xx.x.xxx] port 22. >debug1: Connection established. >debug1: permanently_set_uid: 0/0 >debug1: identity file /root/.ssh/identity type -1 >debug1: identity file /root/.ssh/id_rsa type -1 >debug1: identity file /root/.ssh/id_dsa type -1 >debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1 >debug1: match: OpenSSH_3.9p1 pat OpenSSH* >debug1: Enabling compatibility mode for protocol 2.0 >debug1: Local version string SSH-2.0-OpenSSH_3.9p1 >debug2: fd 3 setting O_NONBLOCK >debug1: SSH2_MSG_KEXINIT sent >debug1: SSH2_MSG_KEXINIT received >debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 >debug2: kex_parse_kexinit: ssh-rsa,ssh-dss >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: first_kex_follows 0 >debug2: kex_parse_kexinit: reserved 0 >debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 >debug2: kex_parse_kexinit: ssh-rsa,ssh-dss >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: first_kex_follows 0 >debug2: kex_parse_kexinit: reserved 0 >debug2: mac_init: found hmac-md5 >debug1: kex: server->client aes128-cbc hmac-md5 none >debug2: mac_init: found hmac-md5 >debug1: kex: client->server aes128-cbc hmac-md5 none >debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent >debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >debug2: dh_gen_key: priv key bits set: 145/256 >debug2: bits set: 512/1024 >debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts2 >debug3: check_host_in_hostfile: match line 8 >debug1: Host '64.94.5.248' is known and matches the RSA host key. >debug1: Found key in /root/.ssh/known_hosts2:8 >debug2: bits set: 489/1024 >debug1: ssh_rsa_verify: signature correct >debug2: kex_derive_keys >debug2: set_newkeys: mode 1 >debug1: SSH2_MSG_NEWKEYS sent >debug1: expecting SSH2_MSG_NEWKEYS >debug2: set_newkeys: mode 0 >debug1: SSH2_MSG_NEWKEYS received >debug1: SSH2_MSG_SERVICE_REQUEST sent >debug2: service_accept: ssh-userauth >debug1: SSH2_MSG_SERVICE_ACCEPT received >debug2: key: /root/.ssh/identity ((nil)) >debug2: key: /root/.ssh/id_rsa ((nil)) >debug2: key: /root/.ssh/id_dsa ((nil)) >debug1: Authentications that can continue: publickey,password,keyboard-interactive >debug3: start over, passed a different list publickey,password,keyboard-interactive >debug3: preferred publickey,keyboard-interactive,password >debug3: authmethod_lookup publickey >debug3: remaining preferred: keyboard-interactive,password >debug3: authmethod_is_enabled publickey >debug1: Next authentication method: publickey >debug1: Trying private key: /root/.ssh/identity >debug3: no such identity: /root/.ssh/identity >debug1: Trying private key: /root/.ssh/id_rsa >debug3: no such identity: /root/.ssh/id_rsa >debug1: Trying private key: /root/.ssh/id_dsa >debug3: no such identity: /root/.ssh/id_dsa >debug2: we did not send a packet, disable method >debug3: authmethod_lookup keyboard-interactive >debug3: remaining preferred: password >debug3: authmethod_is_enabled keyboard-interactive >debug1: Next authentication method: keyboard-interactive >debug2: userauth_kbdint >debug2: we sent a keyboard-interactive packet, wait for reply >debug1: Authentications that can continue: publickey,password,keyboard-interactive >debug3: userauth_kbdint: disable: no info_req_seen >debug2: we did not send a packet, disable method >debug3: authmethod_lookup password >debug3: remaining preferred: >debug3: authmethod_is_enabled password >debug1: Next authentication method: password >root@64.94.5.248's password: >debug3: packet_send2: adding 64 (len 60 padlen 4 extra_pad 64) >debug2: we sent a password packet, wait for reply >debug1: Authentication succeeded (password). >debug1: channel 0: new [client-session] >debug3: ssh_session2_open: channel_new: 0 >debug2: channel 0: send open >debug1: Entering interactive session. >debug2: callback start >debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-jfLPt24927/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null >debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-jfLPt24927/xauthfile list :0.0 . 2>/dev/null >debug1: Requesting X11 forwarding with authentication spoofing. >debug2: channel 0: request x11-req confirm 0 >debug2: client_session2_setup: id 0 >debug2: channel 0: request pty-req confirm 0 >debug3: tty_make_modes: ospeed 38400 >debug3: tty_make_modes: ispeed 38400 >debug3: tty_make_modes: 1 3 >debug3: tty_make_modes: 2 28 >debug3: tty_make_modes: 3 127 >debug3: tty_make_modes: 4 21 >debug3: tty_make_modes: 5 4 >debug3: tty_make_modes: 6 0 >debug3: tty_make_modes: 7 0 >debug3: tty_make_modes: 8 17 >debug3: tty_make_modes: 9 19 >debug3: tty_make_modes: 10 26 >debug3: tty_make_modes: 12 18 >debug3: tty_make_modes: 13 23 >debug3: tty_make_modes: 14 22 >debug3: tty_make_modes: 18 15 >debug3: tty_make_modes: 30 0 >debug3: tty_make_modes: 31 0 >debug3: tty_make_modes: 32 0 >debug3: tty_make_modes: 33 0 >debug3: tty_make_modes: 34 0 >debug3: tty_make_modes: 35 0 >debug3: tty_make_modes: 36 1 >debug3: tty_make_modes: 37 0 >debug3: tty_make_modes: 38 1 >debug3: tty_make_modes: 39 0 >debug3: tty_make_modes: 40 0 >debug3: tty_make_modes: 41 0 >debug3: tty_make_modes: 50 1 >debug3: tty_make_modes: 51 1 >debug3: tty_make_modes: 52 0 >debug3: tty_make_modes: 53 1 >debug3: tty_make_modes: 54 1 >debug3: tty_make_modes: 55 1 >debug3: tty_make_modes: 56 0 >debug3: tty_make_modes: 57 0 >debug3: tty_make_modes: 58 0 >debug3: tty_make_modes: 59 1 >debug3: tty_make_modes: 60 1 >debug3: tty_make_modes: 61 1 >debug3: tty_make_modes: 62 0 >debug3: tty_make_modes: 70 1 >debug3: tty_make_modes: 71 0 >debug3: tty_make_modes: 72 1 >debug3: tty_make_modes: 73 0 >debug3: tty_make_modes: 74 0 >debug3: tty_make_modes: 75 0 >debug3: tty_make_modes: 90 1 >debug3: tty_make_modes: 91 1 >debug3: tty_make_modes: 92 0 >debug3: tty_make_modes: 93 0 >debug2: channel 0: request shell confirm 0 >debug2: fd 3 setting TCP_NODELAY >debug2: callback done >debug2: channel 0: open confirm rwindow 0 rmax 32768 >debug2: channel 0: rcvd adjust 131072 >Last login: Thu Mar 31 12:35:04 2005 from 12.34.138.233 >[root@xxxxxxxxx root]# echo $DISPLAY > >[root@xxxxxxxxx root]# export DISPLAY=64.xx.x.xxx:10.0 > >[root@xxxxxxxxx root]# echo $DISPLAY >64.xx.x.xxx:10.0 > >[root@xxxxxxxxx root]# netscape >Error: Can't open display: 64.xx.x.xxx:10.0 > >[root@xxxxxxxxx root]# cat /etc/ssh/sshd_config ># $OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $ > ># This is the sshd server system-wide configuration file. See ># sshd_config(5) for more information. > ># This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin > ># The strategy used for options in the default sshd_config shipped with ># OpenSSH is to specify options with their default value where ># possible, but leave them commented. Uncommented options change a ># default value. > >#Port 22 >#Protocol 2,1 >#ListenAddress 0.0.0.0 >#ListenAddress :: > ># HostKey for protocol version 1 >#HostKey /etc/ssh/ssh_host_key ># HostKeys for protocol version 2 >#HostKey /etc/ssh/ssh_host_rsa_key >#HostKey /etc/ssh/ssh_host_dsa_key > ># Lifetime and size of ephemeral version 1 server key >#KeyRegenerationInterval 1h >#ServerKeyBits 768 > ># Logging >#obsoletes QuietMode and FascistLogging >#SyslogFacility AUTH >#LogLevel INFO > ># Authentication: > >#LoginGraceTime 2m >PermitRootLogin yes >StrictModes yes >#MaxAuthTries 6 > >#RSAAuthentication yes >#PubkeyAuthentication yes >#AuthorizedKeysFile .ssh/authorized_keys > ># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts >#RhostsRSAAuthentication no ># similar for protocol version 2 >#HostbasedAuthentication no ># Change to yes if you don't trust ~/.ssh/known_hosts for ># RhostsRSAAuthentication and HostbasedAuthentication >#IgnoreUserKnownHosts no ># Don't read the user's ~/.rhosts and ~/.shosts files >#IgnoreRhosts yes > ># To disable tunneled clear text passwords, change to no here! >#PasswordAuthentication yes >#PermitEmptyPasswords no > ># Change to no to disable s/key passwords >#ChallengeResponseAuthentication yes > ># Kerberos options >#KerberosAuthentication no >#KerberosOrLocalPasswd yes >#KerberosTicketCleanup yes >#KerberosGetAFSToken no > ># GSSAPI options >#GSSAPIAuthentication no >#GSSAPICleanupCredentials yes > ># Set this to 'yes' to enable PAM authentication, account processing, ># and session processing. If this is enabled, PAM authentication will ># be allowed through the ChallengeResponseAuthentication mechanism. ># Depending on your PAM configuration, this may bypass the setting of ># PasswordAuthentication, PermitEmptyPasswords, and ># "PermitRootLogin without-password". If you just want the PAM account and ># session checks to run without PAM authentication, then enable this but set ># ChallengeResponseAuthentication=no >#UsePAM no > >#AllowTcpForwarding yes >#GatewayPorts no >X11Forwarding yes >X11DisplayOffset 10 >XAuthLocation /usr/X11R6/bin/xauth >#X11UseLocalhost yes >#PrintMotd yes >#PrintLastLog yes >#TCPKeepAlive yes >#UseLogin no >#UsePrivilegeSeparation yes >#PermitUserEnvironment no >#Compression yes >#ClientAliveInterval 0 >#ClientAliveCountMax 3 >#UseDNS yes >#PidFile /var/run/sshd.pid >#MaxStartups 10 > ># no default banner path >#Banner /some/path > ># override default of no subsystems >Subsystem sftp /usr/libexec/openssh/sftp-server >[root@xxxxxxxxx root]#
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=865">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1004
:
861
| 865 |
883