Re: [BackupPC-users] Configure ssh: X11 connection rejected because of wrong authentication.
Hi, On Mon, Aug 10, 2009 at 10:19, Craig Swanson wrote: > host tapper: BackupPC on fedora 10 x86_64 > Created a public key as backuppc on the server, copied to the client's > backuppc home dir. > config.pl:$Conf{RsyncClientCmd} = '$sshPath -x -l backuppc $host nice -n > 19 sudo $rsyncPath $argList+'; It's a long shot, but did you try to set up BackupPC SSH keys on the target's root user and connect to the sshd with the root user without using sudo? Does that work or do you have the same error? I've seen some strange setups of sudo with some PAM modules that use GTK/GNOME and consequently require X... if you test it without sudo and it works, that is most likely the problem, if it doesn't work either, at least that hypothesis is discarded... > -q was removed, hoping to see more info. So, you had the same problem with -q or not? It was not completely clear from your original post... Also, do you have something in /etc/ssh/ssh_config or ~backuppc/.ssh/config that might be triggering this issue? HTH, Filipe -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List:https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki:http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
Re: [BackupPC-users] Configure ssh: X11 connection rejected because of wrong authentication.
On Mon, Aug 10, 2009 at 10:19:32AM -0400, Craig Swanson wrote: > I have created a new installation of BackupPC, attempting to configure > ssh with sudo, per the BackupPC instructions. > BackupPC fails, echoing: X11 connection rejected because of wrong > authentication. Add a -x to your ssh command line. HTH, Tino. -- "What we nourish flourishes." - "Was wir nähren erblüht." www.lichtkreis-chemnitz.de www.craniosacralzentrum.de -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List:https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki:http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
[BackupPC-users] Configure ssh: X11 connection rejected because of wrong authentication.
I have created a new installation of BackupPC, attempting to configure ssh with sudo, per the BackupPC instructions. BackupPC fails, echoing: X11 connection rejected because of wrong authentication. Details follow. Thanks in advance for your time, Craig Swanson host balsa: backup target on fedora 10 x86_64 Created a local non-root user (backuppc) on the client. Modified /etc/sudoers to allow rsync, whoami for backuppc host tapper: BackupPC on fedora 10 x86_64 Created a public key as backuppc on the server, copied to the client's backuppc home dir. config.pl:$Conf{RsyncClientCmd} = '$sshPath -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+'; -q was removed, hoping to see more info. iptables and SELinux are disabled on both hosts. ssh is ok from the command line: tapper# su -s /bin/bash backuppc bash$ ssh -x -l backuppc balsa sudo whoami root BackupPC fails, echoing to tapper's terminal: X11 connection rejected because of wrong authentication. BackupPC log: 2009-08-10 09:09:45 User requested backup of balsa.midwest-tool.com (balsa.midwest-tool.com) 2009-08-10 09:09:46 Started full backup on balsa.midwest-tool.com (pid=22152, share=/var) 2009-08-10 09:09:52 Backup failed on balsa.midwest-tool.com (fileListReceive failed) Increased log level for sshd on the client to DEBUG. /var/log/secure: Aug 10 09:12:30 balsa sshd[5388]: debug1: Forked child 5433. Aug 10 09:12:30 balsa sshd[5433]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 Aug 10 09:12:30 balsa sshd[5433]: debug1: inetd sockets after dupping: 3, 3 Aug 10 09:12:30 balsa sshd[5433]: Connection from 192.168.1.190 port 54524 Aug 10 09:12:30 balsa sshd[5433]: debug1: Client protocol version 2.0; client software version OpenSSH_5.1 Aug 10 09:12:30 balsa sshd[5433]: debug1: match: OpenSSH_5.1 pat OpenSSH* Aug 10 09:12:30 balsa sshd[5433]: debug1: Enabling compatibility mode for protocol 2.0 Aug 10 09:12:30 balsa sshd[5433]: debug1: Local version string SSH-2.0-OpenSSH_5.2 Aug 10 09:12:30 balsa sshd[5435]: debug1: permanently_set_uid: 74/74 Aug 10 09:12:30 balsa sshd[5435]: debug1: list_hostkey_types: ssh-rsa,ssh-dss Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_KEXINIT sent Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_KEXINIT received Aug 10 09:12:30 balsa sshd[5435]: debug1: kex: client->server aes128-cbc hmac-md5 none Aug 10 09:12:30 balsa sshd[5435]: debug1: kex: server->client aes128-cbc hmac-md5 none Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent Aug 10 09:12:30 balsa sshd[5435]: debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent Aug 10 09:12:30 balsa sshd[5435]: debug1: SSH2_MSG_NEWKEYS sent Aug 10 09:12:30 balsa sshd[5435]: debug1: expecting SSH2_MSG_NEWKEYS Aug 10 09:12:30 balsa sshd[5435]: Connection closed by 192.168.1.190 Aug 10 09:12:30 balsa sshd[5435]: debug1: do_cleanup Aug 10 09:12:30 balsa sshd[5433]: debug1: do_cleanup /etc/ssh/sshd_config Modified as a debug step: X11UseLocalhost no (no change in result) Current sshd_config attached: # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # Disable legacy (protocol version 1) support in the server for new # installations. In future the default will change to require explicit # activation of protocol 1 Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 1024 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO LogLevel DEBUG # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords