Login hangs in X11 with AIX 5.2

• Previous message: heplesser_at_gmail.com: "SSH 3.2.0: Too many open connections --- how to check what's open?"
• Next in thread: George Baltz: "Re: Login hangs in X11 with AIX 5.2"
• Reply: George Baltz: "Re: Login hangs in X11 with AIX 5.2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 16 Nov 2005 05:48:01 -0800

I have an AIX 5.3 server running openSSH 4.1p1 from IBM's "OpenSSH on
AIX" sourceforge site (http://sourceforge.net/projects/openssh-aix) and
a downloaded OpenSSL 0.9.7g RPM package. It ran fine until I recently
applied maintenance, bringing the box to 5.3.03 from 5.3.01. Now SSH
hangs during login, apparently during X11 authentication. (I see
"/usr/bin/X11/xauth -q -" in the process list.) I do not normally use
X, but we leave it enabled for users. If I unset the DISPLAY variable
before issuing the ssh command, the login proceeds normally - no
problems.

When I login with a remote shell, whether from another AIX box or via
Putty from my desktop, the session usually just hangs and never
recovers - no error messages or anything. Occasionaly it only hangs
for about 30 seconds before giving me the following error, and then I
finally get logged in:
/usr/bin/X11/xauth: 1356-361 Timeout in locking authority file
/home/sbassle/.Xauthority.

When I run remote commands or scripts, the session always hangs and
never recovers. If I press ctrl-c I get kicked out. If I'm logged in
with another session and kill the xauth process, the login continues
and the command runs successfully. BTW, before I do this, I can see
files .Xauthority-c and .Xauthority-l in my home directory, both with 0
bytes.

Here's some verbose output from: "ssh -vvv <server name> ls -l":
...
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/sbassle/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug2: input_userauth_pk_ok: fp
71:0d:30:3b:af:92:ab:a6:35:a5:5c:24:66:19:9a:e6
debug3: sign_and_send_pubkey
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug2: x11_get_proto: /usr/bin/X11/xauth -f
/tmp/ssh-FjJVe44028/xauthfile generate unix:10.0 MIT-MAGIC-COOKIE-1
untrusted timeout 1200 2>/dev/null
debug2: x11_get_proto: /usr/bin/X11/xauth list unix:10.0 . 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-agent-req@openssh.com
debug1: Sending command: ls -l
debug2: channel 0: request exec
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072

At this point, the login hangs forever, or at least longer than 20
minutes, at which time I pressed ctrl-c and received the following:

debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i0/0 o0/0 fd 4/5)
debug3: channel 0: close_fds r 4 w 5 e 6
Killed by signal 2.

Running the same command to connect to an AIX 5.2 box running
openSSH_3.8.1.p1 produces exactly the same results up to the point of
the hang, then continues with:

debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
-- "ls -l" command output here...
debug3: channel 0: will not send data after close
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1)
debug3: channel 0: close_fds r -1 w -1 e 6
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 6.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0

In sshd_config, I have the following options turned on:
Protocol 2
PermitRootLogin no
X11Forwarding yes
Compression no

In ssh_config, I have the following options turned on:
ForwardAgent yes
ForwardX11 yes
Protocol 2

I don't believe I can roll this out to users until I get this resolved,
so I would really appreciate any help. Thanks!
Steve

• Previous message: heplesser_at_gmail.com: "SSH 3.2.0: Too many open connections --- how to check what's open?"
• Next in thread: George Baltz: "Re: Login hangs in X11 with AIX 5.2"
• Reply: George Baltz: "Re: Login hangs in X11 with AIX 5.2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]