Re: OpenSSH 3.1p1 and broken X forwarding

From: Konstantinos Agouros (
Date: 03/17/02

From: (Konstantinos Agouros)
Date: 17 Mar 2002 11:10:12 +0100

In <> Victor Danilchenko <> writes:

> I have recently upgraded some systems to OpenSSH 3.1p1, and while
>it worked like a charm in almost all respects, one thing is strange.
>Suddenly, X forwarding ended up being broken on certain systems.

> Now I was running OpenSSH 2.9p2 before, and everything was fine;
>with upgrade to OpenSSH 3.1p1, when I SSH into certain systems and try to
>display X apps back over the SSH tunnel, it complains about invalid
>authentication. This happens when SSH'ed into all of our SPARC/Solaris
>5.8 systems when running some older X apps (I made sure to try compiling
>SSHD on Solaris with or without PAM support, it made no difference), and
>it also happens on a couple of our Digital Unix 4 boxes when we SSH to
>them through a Solaris system. Mind you, none of these problems occurred
>with OpenSSh 2.9. One thing has changed -- I moved from SSH entropy
>source in OpenSSH 2.9 to using a random device (ANDIrand) in OpenSSH 3.1,
>but that shouldn't have made any difference to the validity of
>authentication, should it have?

> I looked through release notes and recent Deja posts, and found
>nothing helpful. Can anyone help me on this one? thanks.
Is it possible that You have ipv6 activated? If You log into a sun try:
netstat -f inet -na |grep 6010 (assuming that Your offset is 10 which is
the defaultvalue). I have a problem like this with linux-machines running
ipv6 since the X11-Listen is on the ipv6-address instead of
and the X11-Client doesn't understand where to connect to.


> Victor Danilchenko

Dipl-Inf. Konstantin Agouros aka Elwood Blues. Internet:
Otkerstr. 28, 81547 Muenchen, Germany. Tel +49 89 69370185
"Captain, this ship will not survive the forming of the cosmos." B'Elana Torres