Re: 5.1p1 and X11 forwarding failing



On Mon, Feb 2, 2009 at 5:49 PM, Jeff Blaine <jblaine@xxxxxxxxxxxx> wrote:
I'm really scratching my head on this one. The server
is running OpenSSH 5.1p1 on Solaris 9. The authentication
is via PAM if that matters.

# grep X11 sshd_config | sed '/^#/D'
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
#

Now I attach to my 'master' sshd and follow all children
to look for any evidence of "DISPLAY":

# truss -f -a -e -p 14923 2>&1 | grep DISPLAY

I then fire up ssh -X from a client machine, login, and
truss reports nothing.

If I perform the EXACT same test against stock Solaris 9
sshd (also authenticating against PAM), DISPLAY shows up
(in truss and in the shell) and X11 forwarding works fine.

Any ideas?

Need more data. Post the output here or to me as we wish

server: sshd -d -p 8000
client: ssh -X -v -p 8000 server






--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu



Relevant Pages

  • Slow sftp transfer speed vs ftp
    ... with Solaris 9) I am transfering at 300 kb/sec. ... on both client and server. ... # The sshd shipped in this release of Solaris has support for major versions ... # Banner to be printed before authentication starts. ...
    (SunManagers)
  • Re: OpenSSH and pam_krb5
    ... > with GSSAPI and PAM authentication. ... this data is present in a separate process (the "authentication ... application (ie sshd). ...
    (SSH)
  • Re: Openssh, kerberos and Solaris 10
    ... if the problem is the Solaris 10 sshd is not saving ... other is used by pam :-( The man pages are not consistent ... rather live with this then to have to build OpenSSH and MIT Kerberos ... Solaris 10's sshd uses PAM, ...
    (comp.protocols.kerberos)
  • Re: OpenSSH 3.8 Released
    ... >the login works without needing a keylogin. ... >PAM routines authenticate the user without doing a keylogin. ... Here's where it comes off the rails: for various reasons, in sshd the ... actual PAM authentication is done in an authentication "thread" that is ...
    (comp.security.ssh)
  • Re: sshd: PAM + key authentication
    ... To realize this, I used PAM. ... Then, via PAM and the host attribute in the LDAP DB, I only ... I used password authentication. ... it seems sshd ignores PAM when someone ...
    (freebsd-questions)