|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Parsons, Rick wrote:
Hi, I have Solaris 8+ systems with a working OpenSSH 3.9p1 build which work perfectly. We set X11Forwarding to yes in the config and get DISPLAY=localhost:10.0 allowing X tunnelling back. I have just recently built OpenSSH 5.2p1 and installed sshd on some machines and now the DISPLAY env variable is not set at all. As far as I can tell, nothing else has changed (account dot files are the same, client ssh is still 3.9p1 and sshd_config is the same). The only way I can get DISPLAY to work is to set X11UseLocalhost to no in sshd_config and then it gets <hostname>:10.0 and works just fine. I have tried forcing X11DisplayOffset and XAuthLocation (and checked that it was right). I have tried ssh -X (though that is the default) and ssh -Y and none of these make any difference. The messages from -vv show the two calls to xauth followed by "Requesting X11 forwarding with authentication spoofing" and "channel 0: request x11-req confirm 0" just the same as the working version. I can only presume that I have done something wrong with the build but can't see what. Any ideas please?
Try adding "AddressFamily inet" to sshd_config and restarting.If that works: what's happening is that the OS is asked for a list of addresses for localhost and is returning a list that includes the inet6 address, however attempting to bind to it fails. Previously sshd would ignore this failure, but that allows third parties to bind to inet6 ports in the X11 forwarding range and potentially hijack X connections. For more detail see the 5.1 release notes (http://www.openssh.com/txt/release-5.1).
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
[Home] [Fedora Users] [Fedora Legacy] [Fedora Desktop] [Yosemite Photos] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]