RE: RE : RE : X11Forwarding problem on Solaris.



Hi,
I tried the -Y parameter and I get the same error message unfortunately.

Thanks
Staffan

-----Original Message-----
From: Anders Näsmark [mailto:andnas@xxxxxxxxx]
Sent: den 29 maj 2007 21:38
To: Staffan Persson
Cc: secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: RE : RE : X11Forwarding problem on Solaris.


Hello,

As of OpenSSH 3.8.0 and most SunSSH versions of a recent date you
should use -Y instead of -X (see the man page). I've experienced
similar problems using -X.

I may be stating the obvious since I have only read the last 4 posts,
but I hope it helps.

/Anders

On 27 maj 2007, at 15.06, Staffan Persson wrote:

Hi,
yes "other user" has execution permission on the executable file.
It looks like this for the directory:
drwxrwxrwx

and for the file:
-rwxrwxr-x


-----Original Message-----
From: Vincenzo Sciarra [mailto:vincenzo.sciarra@xxxxxxxxx]
Sent: den 9 maj 2007 10:57
To: Staffan Persson
Subject: Re: RE : RE : X11Forwarding problem on Solaris.


It works great when I
logon as the user who is owning the program´s executable file. It
wont
work
when I logon as any other user.


Has "other user" execution permission on executable file and related
library?




2007/5/7, Staffan Persson <s.persson@xxxxxxx>:
Hi,
yes I can run:

hosta$ ssh -X hostb
hostb$ /usr/openwin/bin/xclock

xclock is displayed correctly.

The program I try to start when I get the X11Forwding problems is a
graphical user interface for an application which can be
controlled though
command line to a certain degree.
The program is using the display environment variable. It works
great when
I
logon as the user who is owning the program´s executable file. It
wont
work
when I logon as any other user.

Below is ssh´s debug info.
First i use ssh to connect from node2 to node4 and then I start the
PROGRAM
on node4.

node2:/home/myuser> ssh -Xv node4
OpenSSH_4.3p2, OpenSSL 0.9.8d 28 Sep 2006
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to node4 [node4´s ipaddress] port 22.
debug1: Connection established.
debug1: identity file /home/myuser/.ssh/identity type -1
debug1: identity file /home/myuser/.ssh/id_rsa type -1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_43
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'node4' is known and matches the RSA host key.
debug1: Found key in /home/myuser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myuser/.ssh/identity
debug1: Trying private key: /home/myuser/.ssh/id_rsa
debug1: Trying private key: /home/myuser/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: password
myuser@node4's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
Last login: Mon May 7 15:20:11 2007 from node2
Oracle Home is set

node4:/home/myuser> PROGRAM ( ...starting program here... )
node4:/home/myuser> debug1: client_input_channel_open: ctype x11
rchan 2
win
65536 max 16384
debug1: client_request_x11: request from 127.0.0.1 43646
debug1: channel 1: new [x11]
debug1: confirm x11
debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max
16384
debug1: client_request_x11: request from 127.0.0.1 43647
debug1: channel 2: new [x11]
debug1: confirm x11
X11 connection rejected because of wrong authentication.
debug1: channel 2: free: x11, nchannels 3
node:/home/myuser>

Thanks


-----Original Message-----
From: Francois Bolduc [mailto:Francois.Bolduc@xxxxxxxxxxxxxx]
Sent: den 27 april 2007 20:33
To: secureshell@xxxxxxxxxxxxxxxxx
Subject: RE: RE : RE : X11Forwarding problem on Solaris.


Let's isolate SSH and X11 forwarding. Can you run:

hosta$ ssh -X hostb
hostb$ /usr/openwin/bin/xclock

If this works, can you give a sample of the command you run that
fails, or
simply what the command is launching?
François Bolduc
Consultant
FUJITSU CONSEIL (Canada) inc.
Bureau : 613.238.2697
francois.bolduc@xxxxxxxxxxxxxx
From: Staffan Persson [mailto:s.persson@xxxxxxx]Sent: Wed
4/25/2007 1:47
PMTo: Francois Bolduc; secureshell@xxxxxxxxxxxxxxxxxxxxxxxx: RE:
RE : RE :
X11Forwarding problem on Solaris.
Hi,
below is my answers on your questions.

Q. What does your sshd config look like?

A. My sshd_config file is stored in the following path:
/usr/local/etc

and the file´s content is:

Port 22
Protocol 2,1
HostKey /usr/local/etc/ssh_host_key
HostKey /usr/local/etc/ssh_host_rsa_key
HostKey /usr/local/etc/ssh_host_dsa_key
PermitRootLogin no
StrictMode no
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ssh/authorized_keys
PasswordAuthentication yes
PermitEmptyPasswords no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
AcceptEnv yes
PermitUserEnvironment Yes
PermitTunnel yes
Subsystem sftp /usr/local/libexec/sftp-server


Q. Do you have any ssh_config files that might override global
settings



Relevant Pages

  • RE: RE : RE : X11Forwarding problem on Solaris.
    ... The program is using the display environment variable. ... First i use ssh to connect from node2 to node4 and then I start the PROGRAM ... debug1: Connection established. ... Subject: RE: RE: X11Forwarding problem on Solaris. ...
    (SSH)
  • Solaris 10 sshd and OpenSSH 4 client problems
    ... Solaris 10 SPARC with OEM sshd. ... authentication method and goes to keyboard-interactive ... debug1: Connecting to bertha port 22. ... AFS Ignoring superuser root ...
    (SSH)
  • Key-based authentication in SSH with Sun Directory Server 6.3 (On Solaris 10 client)
    ... I'm having problems with key-based authentication on one of my Solaris ... debug1: Connection established. ... # rlogin service (explicit because of pam_rhost_auth) ... # Default definitions for Authentication management ...
    (comp.unix.solaris)
  • LDAP Authentication via SSH
    ... authenticate via SSH to the LDAP server. ... debug1: Connecting to ldapclient.domain port 22. ... debug1: Next authentication method: keyboard-interactive ... # rlogin service (explicit because of pam_rhost_auth) ...
    (SunManagers)
  • Bad passphrase with public key authentication
    ... I'm setting up my server to use public key authentication. ... debug1: Connection established. ... debug3: Not a RSA1 key file server_rsa_macbook.pub. ... debug2: fd 3 setting O_NONBLOCK ...
    (SSH)