Re: X authentication bug in 3.2.0 ?

From: Udo Grabowski (grai@darkstar.inka.de)
Date: 08/05/02


From: Udo Grabowski <grai@darkstar.inka.de>
Date: Mon, 05 Aug 2002 14:53:52 +0200

Here are some more details (-v) of a connection where X11 does not work anymore
(using A to A,
security extension on, we use port 24, display is 35.0, some edits on ip number).
Note the 'X11 does not match fake data message !':

debug: SshAppCommon/sshappcommon.c:138/ssh_app_get_global_regex_context:
Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2797/ssh2_parse_config_ext: Metaconfig parsing
stopped at line 3.
debug: SshConfig/sshconfig.c:2704/ssh2_parse_config_ext: Unable to open
/home/blabla/.ssh2/ssh2_config
debug: Connecting to xxx, port 24... (SOCKS not used)
debug: Ssh2/ssh2.c:2297/main: Entering event loop.
debug: Ssh2Client/sshclient.c:1421/ssh_client_wrap: Creating transport protocol.
debug:
SshAuthMethodClient/sshauthmethodc.c:85/ssh_client_authentication_initialize:
Added "hostbased" to usable methods.
debug:
SshAuthMethodClient/sshauthmethodc.c:85/ssh_client_authentication_initialize:
Added "publickey" to usable methods.
debug:
SshAuthMethodClient/sshauthmethodc.c:85/ssh_client_authentication_initialize:
Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1462/ssh_client_wrap: Creating userauth protocol.
debug: client supports 3 auth methods: 'hostbased,publickey,password'
debug: Ssh2Common/sshcommon.c:530/ssh_common_wrap: local ip = xxxx.xxxx.xxxx.xx,
local port = 59801
debug: Ssh2Common/sshcommon.c:532/ssh_common_wrap: remote ip =
xxxx.xxxx.xxxx.xx, remote port = 24
debug: SshConnection/sshconn.c:1945/ssh_conn_wrap: Wrapping...
debug: SshReadLine/sshreadline.c:2414/ssh_readline_eloop_initialize:
Initializing ReadLine...
debug: Remote version: SSH-2.0-3.2.0 SSH Secure Shell (non-commercial)
debug: Major: 3 Minor: 2 Revision: 0
debug: Ssh2Transport/trcommon.c:1901/ssh_tr_negotiate: lang s to c: `', lang c
to s: `'
debug: Ssh2Transport/trcommon.c:1967/ssh_tr_negotiate: c_to_s: cipher
aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1970/ssh_tr_negotiate: s_to_c: cipher
aes128-cbc, mac hmac-sha1, compression none
debug: Remote host key found from database.
debug: Ssh2Common/sshcommon.c:331/ssh_common_special: Received SSH_CROSS_STARTUP
packet from connection protocol.
debug: Ssh2Common/sshcommon.c:381/ssh_common_special: Received
SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: server offers auth methods 'hostbased,publickey,password'.
debug: SshConfig/sshconfig.c:2797/ssh2_parse_config_ext: Metaconfig parsing
stopped at line 3.
debug: SshHostKeyIO/sshhostkeyio.c:190/ssh_host_key_read_keys: Reading public
host key from /etc/ssh2/hostkey.pub
debug: SshHostKeyIO/sshhostkeyio.c:275/ssh_host_key_read_keys: Host key
algorithms (from disk): ssh-dss
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:131/hostbased_init_pubkey:
Trying "hostbased" authentication with `ssh-dss' key.
debug:
Ssh2AuthHostBasedClient/authc-hostbased.c:788/ssh_client_auth_hostkeys_initialized:
Child: Execing ssh-signer...(path: /usr/local/fzk-system/bin/ssh-signer2)
debug:
Ssh2AuthHostBasedClient/authc-hostbased.c:436/auth_hostbased_received_packet:
ssh-signer returned SSH_AUTH_HOSTBASED_SIGNATURE
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:659/ssh_client_auth_hostbased:
Received SSH_MSG_USERAUTH_SUCCESS
debug: Ssh2Common/sshcommon.c:299/ssh_common_special: Received
SSH_CROSS_AUTHENTICATED packet from connection protocol.
debug: SshReadLine/sshreadline.c:2472/ssh_readline_eloop_uninitialize:
Uninitializing ReadLine...
debug: debug1: client_input_channel_open: ctype x11 rchan 1 win 30000 max 1024
debug1: client_request_x11: request from xxx.xxx.xxx.xxx 59802
debug1: fd 7 setting O_NONBLOCK
debug1: channel 1: new [x11]
debug1: confirm x11
Ssh2Common/sshcommon.c:840/ssh_common_new_channel: num_channels now 1
debug: ssh_pipe_stream_destroy
debug: Requesting X11 forwarding with authentication spoofing.
debug: Using X cookie from SECURITY extension (authorization id is 128).
debug: ssh_sigchld_real_callback
debug: ssh_sigchld_process_pid: no handler for pid 24576 code 0
Last login: Mon Aug 05 2002 13:39:05 +0100 from xxxx.xxxx.xxxx.xx

> xeyes
debug1: client_input_channel_open: ctype x11 rchan 2 win 30000 max 1024
debug1: client_request_x11: request from xxx.xxx.xxx.xxx 59856
debug1: fd 8 setting O_NONBLOCK
debug1: channel 2: new [x11]
debug1: confirm x11
debug: Ssh2Common/sshcommon.c:840/ssh_common_new_channel: num_channels now 2
debug1: X11 auth data does not match fake data.
<<==================================================
X11 connection rejected because of wrong authentication.
debug1: X11 rejected 2 i0/o0
debug1: channel 2: read failed
debug1: channel 2: close_read
debug1: channel 2: input open -> drain
debug1: channel 2: ibuf empty
debug1: channel 2: send eof
debug1: channel 2: input drain -> closed
debug1: channel 2: write failed
debug1: channel 2: close_write
debug1: channel 2: output open -> closed
debug1: X11 closed 2 i3/o3
debug1: channel 2: send close
debug1: channel 2: rcvd close
debug1: channel 2: is dead
debug1: channel 2: garbage collecting
debug1: channel_free: channel 2: x11, nchannels 3
debug: SshConnection/sshconn.c:406/ssh_conn_send_channel_data_type: EOF from
channel stream
debug: Ssh2Common/sshcommon.c:807/ssh_common_destroy_channel: num_channels now 1
X connection to imksun:35.0 broken (explicit kill or server shutdown).

-- 
Dr. Udo Grabowski                           email: udo.grabowski@imk.fzk.de
Institut f. Meteorologie und Klimaforschung II, Forschungszentrum Karslruhe
Postfach 3640, D-76021 Karlsruhe, Germany           Tel: (+49) 7247 82-6026
http://www.fzk.de/imk/imk2/ame/grabowski/           Fax:         "    -6141



Relevant Pages

  • RE: X11 forwarding help
    ... Subject: X11 forwarding help ... debug1: Rhosts Authentication disabled, ... debug3: check_host_in_hostfile: match line 5 ... debug1: channel 0: new ...
    (SSH)
  • X11 forwarding help
    ... I'm using ssh to do X11 forwarding over a gateway and it seems to work fine ... debug1: Rhosts Authentication disabled, ... debug3: check_host_in_hostfile: match line 5 ... debug1: channel 0: new ...
    (SSH)
  • X11 connection rejected because of wrong authentication error
    ... debug1: fd 9 setting TCP_NODELAY ... debug1: channel 1: new [x11] ... debug1: channel 1: input drain -> closed ...
    (comp.security.ssh)
  • OpenSSH_3.6.1p2, HP-UX 11.00 X11 Forwarding
    ... debug1: fd 9 setting O_NONBLOCK ... debug1: channel 1: new [x11] ... debug1: channel 1: read failed ... ForwardAgent yes ...
    (comp.security.ssh)
  • X11 forwarding from third machine
    ... I have X11 forwarding working with my openSSH server (OpenSSH_3.1p1 on ... > debug1: fd 12 setting TCP_NODELAY ... > debug1: channel 2: rcvd close ... All these boxes can X11 to each other directly without using ssh. ...
    (comp.security.ssh)