Re: sshd and X
I've got a new observation: Before I installed the ssh daemon and subsequently changed my /etc/sshd_config settings, I used to log in locally the Windows 2000 machine, and then I would click the /usr/X11R6/bin/startxwin.bat to start the X server. A console window would pop up for a moment and then disappear, and then a graphical xterm window would pop up. Now, all that still works, but when the console windows pops up during startxwin.bat's execution, the first line displayed in it says access denied Then the rest of the procedure continues; the console window disappears and is replaced by a graphical xterm. Here's my /tmp/XWin.log - not the "_XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root" message: Welcome to the XWin X Server Vendor: The Cygwin/X Project Release: 6.8.2.0-2 Contact: cygwin-xfree@cygwin.com XWin was started with the following command line: /usr/X11R6/bin/XWin -multiwindow -clipboard -silent-dup-error ddxProcessArgument - Initializing default screens winInitializeDefaultScreens - w 1024 h 768 winInitializeDefaultScreens - Returning _XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root (II) XF86Config is not supported (II) See http://x.cygwin.com/docs/faq/cygwin-x-faq.html for more information (==) FontPath set to "/usr/X11R6/lib/X11/fonts/misc/,/usr/X11R6/lib/X11/fonts/TTF/,/usr/X11R6/lib/X11/fonts/Type1/,/usr/X11R6/lib/X11/fonts/CID/,/usr/X11R6/lib/X11/fonts/75dpi/,/usr/X11R6/lib/X11/fonts/100dpi/" winAdjustVideoModeShadowGDI - Using Windows display depth of 32 bits per pixel winAllocateFBShadowGDI - Creating DIB with width: 2048 height: 768 depth: 32 winInitVisualsShadowGDI - Masks 00ff ff00 00ff BPRGB 8 d 24 bpp 32 null screen fn ReparentWindow null screen fn RestackWindow InitQueue - Calling pthread_mutex_init InitQueue - pthread_mutex_init returned InitQueue - Calling pthread_cond_init InitQueue - pthread_cond_init returned winInitMultiWindowWM - Hello winMultiWindowXMsgProc - Hello winInitMultiWindowWM - Calling pthread_mutex_lock () winMultiWindowXMsgProc - Calling pthread_mutex_lock () MIT-SHM extension disabled due to lack of kernel support XFree86-Bigfont extension local-client optimization disabled due to lack of shared memory support in the kernel (--) Setting autorepeat to delay=500, rate=31 (--) winConfigKeyboard - Layout: "1009" (1009) (EE) Keyboardlayout "Canadian French" (1009) is unknown (--) 3 mouse buttons found Could not init font path element /usr/X11R6/lib/X11/fonts/CID/, removing from list! winInitMultiWindowWM - pthread_mutex_lock () returned. winProcEstablishConnection - Hello winMultiWindowXMsgProc - pthread_mutex_lock () returned. winInitMultiWindowWM - pthread_mutex_unlock () returned. winInitClipboard () winMultiWindowXMsgProc - pthread_mutex_unlock () returned. winInitMultiWindowWM - DISPLAY=127.0.0.1:0.0 winProcEstablishConnection - winInitClipboard returned. winClipboardProc - Hello winMultiWindowXMsgProc - DISPLAY=127.0.0.1:0.0 DetectUnicodeSupport - Windows NT/2000/XP winInitMultiWindowWM - XOpenDisplay () returned and successfully opened the display. winClipboardProc - DISPLAY=127.0.0.1:0.0 winMultiWindowXMsgProc - XOpenDisplay () returned and successfully opened the display. winClipboardProc - XOpenDisplay () returned and successfully opened the display. Also, why do I need to run xauth? I use the same machine to ssh to other hosts, and their X redirection works fine. Also, if I have to set the DISPLAY variable, what do I set it to, and where do I set that? Thanks On Thu, 2005-05-26 at 12:40 +0800, Erich Dollansky wrote: > Hi, > > Jean-Claude Gervais wrote: > > > > Running an application gives a different error now also. > > > > [EMAIL PROTECTED] ~ > > $ xcalc > > X11 connection rejected because of wrong authentication. > > X connection to localhost:10.0 broken (explicit kill or server > > shutdown). > > > you need to run xauth + at your machine plus you have to set the display > environment variable on the other machine. > > Check the handbook for the concequenses of above mentioned settings. > > Erich
Re: sshd and X
Hi, Jean-Claude Gervais wrote: Running an application gives a different error now also. [EMAIL PROTECTED] ~ $ xcalc X11 connection rejected because of wrong authentication. X connection to localhost:10.0 broken (explicit kill or server shutdown). you need to run xauth + at your machine plus you have to set the display environment variable on the other machine. Check the handbook for the concequenses of above mentioned settings. Erich
Re: sshd and X
OK, the machine hadn't rebooted, that was causing a problem. After reboot, the login responses have changed: error in locking authority file /cygdrive/y/jcgervais/.Xauthority [EMAIL PROTECTED] ~ $ ssh -Y neptune [EMAIL PROTECTED]'s password: Last login: Wed May 25 23:37:00 2005 from pluto Fanfare!!! You are successfully logged in to this server!!! /usr/X11R6/bin/xauth: error in locking authority file /cygdrive/y/me/.Xauthority basename: invalid option -- b Try `basename --help' for more information. -bash: [: =: unary operator expected Running an application gives a different error now also. [EMAIL PROTECTED] ~ $ xcalc X11 connection rejected because of wrong authentication. X connection to localhost:10.0 broken (explicit kill or server shutdown). On Wed, 2005-05-25 at 12:37 -0400, Igor Pechtchanski wrote: > On Wed, 25 May 2005, Boaz Harrosh wrote: > > > Alexander Gottwald wrote: > > > > > Maybe ssh -v -v -v wil give you a clue what is happening. > > > > Right!! try running sshd in a consul in the foreground. (Check what switch > > makes it run in the foreground (-d?)) > > Both -D and -d do (Cygwin's ssh-host-config uses the -D option for the > service). -d is much more verbose (into the system log, which by default > is the Windows Event Log), and will only accept one connection. > > > Than see what prints you have. > > If this works it is not the end. SYSTEM user is different than the > > foreground user, sshd is very picky about permissions been to low or to > > high. > > You can run sshd from a SYSTEM-owned shell (Google for "system owned shell > shortcut"). > Igor
Re: sshd and X
On Wed, 25 May 2005, Boaz Harrosh wrote: > Alexander Gottwald wrote: > > > Maybe ssh -v -v -v wil give you a clue what is happening. > > Right!! try running sshd in a consul in the foreground. (Check what switch > makes it run in the foreground (-d?)) Both -D and -d do (Cygwin's ssh-host-config uses the -D option for the service). -d is much more verbose (into the system log, which by default is the Windows Event Log), and will only accept one connection. > Than see what prints you have. > If this works it is not the end. SYSTEM user is different than the > foreground user, sshd is very picky about permissions been to low or to > high. You can run sshd from a SYSTEM-owned shell (Google for "system owned shell shortcut"). Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_[EMAIL PROTECTED] ZZZzz /,`.-'`'-. ;-;;,_[EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D. '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! "The Sun will pass between the Earth and the Moon tonight for a total Lunar eclipse..." -- WCBS Radio Newsbrief, Oct 27 2004, 12:01 pm EDT
Re: sshd and X
There is no trace after the X11 forwarding request. Should there be? If there should be, what does this tell us? On Wed, 2005-05-25 at 11:23 -0400, Jean-Claude Gervais wrote: > debug1: Entering interactive session. > debug1: Requesting X11 forwarding with authentication spoofing.
Re: sshd and X
Alexander Gottwald wrote: Maybe ssh -v -v -v wil give you a clue what is happening. Right!! try running sshd in a consul in the foreground. (Check what switch makes it run in the foreground (-d?)) Than see what prints you have. If this works it is not the end. SYSTEM user is different than the foreground user, sshd is very picky about permissions been to low or to high.
Re: sshd and X
Here's the output: [EMAIL PROTECTED] ~ $ ssh -v -Y neptune OpenSSH_4.0p1, OpenSSL 0.9.7g 11 Apr 2005 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to neptune [192.168.1.10] port 22. debug1: Connection established. debug1: identity file /home/jcgervais/.ssh/identity type -1 debug1: identity file /home/jcgervais/.ssh/id_rsa type -1 debug1: identity file /home/jcgervais/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_4.0 debug1: match: OpenSSH_4.0 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.0 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'neptune' is known and matches the RSA host key. debug1: Found key in /home/jcgervais/.ssh/known_hosts:12 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interacti ve debug1: Next authentication method: publickey debug1: Trying private key: /home/jcgervais/.ssh/identity debug1: Trying private key: /home/jcgervais/.ssh/id_rsa debug1: Trying private key: /home/jcgervais/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interacti ve debug1: Next authentication method: password [EMAIL PROTECTED]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Requesting X11 forwarding with authentication spoofing. Last login: Wed May 25 11:10:32 2005 from pluto Fanfare!!! You are successfully logged in to this server!!! basename: invalid option -- b Try `basename --help' for more information. -bash: [: =: unary operator expected [EMAIL PROTECTED] ~ $ On Wed, 2005-05-25 at 17:14 +0200, Alexander Gottwald wrote: > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > Thanks for trying, but it gives the same result. > > > > Maybe if I ask the question in a different way? Someone here MUST know > > this - > > > > How do you configure a Windows machine to receive ssh connections (done) > > and also run x applications and send the display back to the ssh client? > > > > Is there a how-to for this? I realize it is pretty specific to Cygwin/X > > Setting up the X11 tunnel is a bit complicated as sshd must create an xauth > cookie and ad it to ~/.Xauthorities. If this fails (either because xauth > was not found or some dll is not available or the like) x11 forwarding > will most likely be disabled. > > Maybe ssh -v -v -v wil give you a clue what is happening. > > bye > ago
Re: sshd and X
On Wed, 25 May 2005, Jean-Claude Gervais wrote: > Thanks for trying, but it gives the same result. > > Maybe if I ask the question in a different way? Someone here MUST know > this - > > How do you configure a Windows machine to receive ssh connections (done) > and also run x applications and send the display back to the ssh client? > > Is there a how-to for this? I realize it is pretty specific to Cygwin/X Setting up the X11 tunnel is a bit complicated as sshd must create an xauth cookie and ad it to ~/.Xauthorities. If this fails (either because xauth was not found or some dll is not available or the like) x11 forwarding will most likely be disabled. Maybe ssh -v -v -v wil give you a clue what is happening. bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
Re: sshd and X
Thanks for trying, but it gives the same result. Maybe if I ask the question in a different way? Someone here MUST know this - How do you configure a Windows machine to receive ssh connections (done) and also run x applications and send the display back to the ssh client? Is there a how-to for this? I realize it is pretty specific to Cygwin/X Thanks On Wed, 2005-05-25 at 10:59 -0400, Jean-Sebastien Trottier wrote: > Try using the -X switch as well: > ssh -X -Y [EMAIL PROTECTED] > > If this works, then read man ssh_config to learn how to enable X11 > forwarding by default on the client side. > > Cheers, > Sebastien > > On Wed, May 25, 2005 at 10:07:40AM -0400, Jean-Claude Gervais wrote: > > Thanks, Ago. > > > > Using the instructions you provided, I was able to edit the file and > > enable > > > > X11Forwarding yes > > > > I've restarted the ssh daemon, but it still doesn,t work, the DISPLAY > > variable is still not set. > > > > One thing; I changed the file > > /etc/sshd_config > > NOT > > /etc/ssh/sshd_config > > > > There is no /etc/ssh/ > > folder. All the ssh-related files are in /etc > > Is that normal? > > > > Also, what should I try next? > > > > thanks. > > > > > > On Wed, 2005-05-25 at 15:25 +0200, Alexander Gottwald wrote: > > > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > > > > > ago, > > > > > > > > Are you sure the linux box id the problem? > > > > > > Sorry, I assumed you were connecting from cygwin to linux and not the > > > other way. > > > > > > > > > I can't seem to change the settings in the config files. > > > > > > I am logged on to the machine a me/domain > > > > > > The user I am logged on as is in the W2K machine's > > > > > > Administrators > > > > > > group. > > > > > > But the config file is owned by SYSTEM and I can't seem to edit > > > > > > it. > > > > > > What's the best course of action? > > > > > > sshd is running as user SYSTEM and so they are owned by him. Changing the > > > file permissions may help > > > > > > chmod go+w /etc/ssh/sshd_config > > > vi /etc/ssh/sshd_config > > > chmod go-w /etc/ssh/sshd_config > > > > > > But that's only a wild guess > > > > > > bye > > > ago > >
Re: sshd and X
Try using the -X switch as well: ssh -X -Y [EMAIL PROTECTED] If this works, then read man ssh_config to learn how to enable X11 forwarding by default on the client side. Cheers, Sebastien On Wed, May 25, 2005 at 10:07:40AM -0400, Jean-Claude Gervais wrote: > Thanks, Ago. > > Using the instructions you provided, I was able to edit the file and > enable > > X11Forwarding yes > > I've restarted the ssh daemon, but it still doesn,t work, the DISPLAY > variable is still not set. > > One thing; I changed the file > /etc/sshd_config > NOT > /etc/ssh/sshd_config > > There is no /etc/ssh/ > folder. All the ssh-related files are in /etc > Is that normal? > > Also, what should I try next? > > thanks. > > > On Wed, 2005-05-25 at 15:25 +0200, Alexander Gottwald wrote: > > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > > > ago, > > > > > > Are you sure the linux box id the problem? > > > > Sorry, I assumed you were connecting from cygwin to linux and not the > > other way. > > > > > > > I can't seem to change the settings in the config files. > > > > > I am logged on to the machine a me/domain > > > > > The user I am logged on as is in the W2K machine's > > > > > Administrators > > > > > group. > > > > > But the config file is owned by SYSTEM and I can't seem to edit > > > > > it. > > > > > What's the best course of action? > > > > sshd is running as user SYSTEM and so they are owned by him. Changing the > > file permissions may help > > > > chmod go+w /etc/ssh/sshd_config > > vi /etc/ssh/sshd_config > > chmod go-w /etc/ssh/sshd_config > > > > But that's only a wild guess > > > > bye > > ago > signature.asc Description: Digital signature
Re: sshd and X
Thanks, Ago. Using the instructions you provided, I was able to edit the file and enable X11Forwarding yes I've restarted the ssh daemon, but it still doesn,t work, the DISPLAY variable is still not set. One thing; I changed the file /etc/sshd_config NOT /etc/ssh/sshd_config There is no /etc/ssh/ folder. All the ssh-related files are in /etc Is that normal? Also, what should I try next? thanks. On Wed, 2005-05-25 at 15:25 +0200, Alexander Gottwald wrote: > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > ago, > > > > Are you sure the linux box id the problem? > > Sorry, I assumed you were connecting from cygwin to linux and not the > other way. > > > > > I can't seem to change the settings in the config files. > > > > I am logged on to the machine a me/domain > > > > The user I am logged on as is in the W2K machine's > > > > Administrators > > > > group. > > > > But the config file is owned by SYSTEM and I can't seem to edit > > > > it. > > > > What's the best course of action? > > sshd is running as user SYSTEM and so they are owned by him. Changing the > file permissions may help > > chmod go+w /etc/ssh/sshd_config > vi /etc/ssh/sshd_config > chmod go-w /etc/ssh/sshd_config > > But that's only a wild guess > > bye > ago
Re: sshd and X
On Wed, 25 May 2005, Jean-Claude Gervais wrote: > ago, > > Are you sure the linux box id the problem? Sorry, I assumed you were connecting from cygwin to linux and not the other way. > > > I can't seem to change the settings in the config files. > > > I am logged on to the machine a me/domain > > > The user I am logged on as is in the W2K machine's Administrators > > > group. > > > But the config file is owned by SYSTEM and I can't seem to edit it. > > > What's the best course of action? sshd is running as user SYSTEM and so they are owned by him. Changing the file permissions may help chmod go+w /etc/ssh/sshd_config vi /etc/ssh/sshd_config chmod go-w /etc/ssh/sshd_config But that's only a wild guess bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
Re: sshd and X
ago, Are you sure the linux box id the problem? When I open an xterm on the linux box and type SET, I can see the DISPLAY variable is set correctly, and then if I use that xterm to ssh to any Linux host, I can run xcalc on the remote host and see the display locally on the machine I am logged in from. But when I take the xterm and try connecting to the Windows 2000 ssh server, I connect OK, but the DISPLAY variable is no longer exists in the bash shell the Windows 2000 box starts. Thanks On Wed, 2005-05-25 at 14:40 +0200, Alexander Gottwald wrote: > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > Thanks ago, > > > > I can't seem to change the settings in the config files. > > I am logged on to the machine a me/domain > > The user I am logged on as is in the W2K machine's Administrators > > group. > > But the config file is owned by SYSTEM and I can't seem to edit it. > > What's the best course of action? > > You'll have to change the config files on the linux server > > bye > ago
Re: sshd and X
On Wed, 25 May 2005, Jean-Claude Gervais wrote: > Thanks ago, > > I can't seem to change the settings in the config files. > I am logged on to the machine a me/domain > The user I am logged on as is in the W2K machine's Administrators > group. > But the config file is owned by SYSTEM and I can't seem to edit it. > What's the best course of action? You'll have to change the config files on the linux server bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
Re: sshd and X
Thanks ago, I can't seem to change the settings in the config files. I am logged on to the machine a me/domain The user I am logged on as is in the W2K machine's Administrators group. But the config file is owned by SYSTEM and I can't seem to edit it. What's the best course of action? Thanks On Wed, 2005-05-25 at 14:09 +0200, Alexander Gottwald wrote: > On Wed, 25 May 2005, Jean-Claude Gervais wrote: > > > ssh -Y [EMAIL PROTECTED] > > > > Once I am logged in, I'd like to run an X11 application. For example > > xcalc. > > > > If I execute xcalc, I get the following output > > > > $ xcalc > > Error: Can't open display: > > > > If I check the environment variables, there is no DISPLAY variable. > > Either X11Forwarding is disabled in the server or some login scripts > reset the DISPLAY variable. > > Check http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-ssh-no-x11forwarding > > bye > ago
Re: sshd and X
On Wed, 25 May 2005, Jean-Claude Gervais wrote: > ssh -Y [EMAIL PROTECTED] > > Once I am logged in, I'd like to run an X11 application. For example > xcalc. > > If I execute xcalc, I get the following output > > $ xcalc > Error: Can't open display: > > If I check the environment variables, there is no DISPLAY variable. Either X11Forwarding is disabled in the server or some login scripts reset the DISPLAY variable. Check http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-ssh-no-x11forwarding bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
sshd and X
Hello, I've installed the Cygwin/X ssh daemon as a service under Windows 2000. It works fine. I can go sit at Linux box and ssh into the machine running Windows 2000. ssh -Y [EMAIL PROTECTED] Once I am logged in, I'd like to run an X11 application. For example xcalc. If I execute xcalc, I get the following output $ xcalc Error: Can't open display: If I check the environment variables, there is no DISPLAY variable. Is there a way to make this work? Thank you.