RE: X11 forwarding and KDE applications
Hi Jon, Thank you for your response. Previously I had verified the problem against remote clients from Kubuntu 12.04 and FreeBSD 9.1 after installing the kde4 port. I wanted to confirm the problem one last time before sending this email, and, to my chagrin, I cannot repeat it. I've tested on several different machines and the appearance is normal. Maybe a reboot did the trick? If I see the issue again I will work on a recreation recipe, given the intermittent nature. Cheers, Brad -Original Message- Sent: Tuesday, July 23, 2013 7:27 AM Subject: Re: X11 forwarding and KDE applications On 15/07/2013 16:39, Brad Keifenheim wrote: I would like to forward KDE applications using Cygwin/X in multiwindow mode. I am able to start and use the applications, but the graphical appearance seems a bit off. Specifically, starting konsole or kdevelop shows some pink coloration behind the scrollbars. I have tried other X servers, such as that provided by Ubuntu, and the problem is not present, so I believe it to be specific to the Cygwin/X server. Does anyone else see this issue, or have I misconfigured my server? This is pretty strange. Assuming this isn't a bug ([1] looks a bit old to be relevant), I can only suggest that this may be an issue with colour correction if you have that enabled for KDE. It would help in trying to reproduce this problem to know the specific version of Ubuntu that your remote X clients are from. [1] https://bugs.kde.org/show_bug.cgi?id=194703 -- Jon TURNEY Volunteer Cygwin/X X Server maintainer -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: X11 forwarding and KDE applications
On 15/07/2013 16:39, Brad Keifenheim wrote: I would like to forward KDE applications using Cygwin/X in multiwindow mode. I am able to start and use the applications, but the graphical appearance seems a bit off. Specifically, starting konsole or kdevelop shows some pink coloration behind the scrollbars. I have tried other X servers, such as that provided by Ubuntu, and the problem is not present, so I believe it to be specific to the Cygwin/X server. Does anyone else see this issue, or have I misconfigured my server? This is pretty strange. Assuming this isn't a bug ([1] looks a bit old to be relevant), I can only suggest that this may be an issue with colour correction if you have that enabled for KDE. It would help in trying to reproduce this problem to know the specific version of Ubuntu that your remote X clients are from. [1] https://bugs.kde.org/show_bug.cgi?id=194703 -- Jon TURNEY Volunteer Cygwin/X X Server maintainer -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
X11 forwarding and KDE applications
Hello, I would like to forward KDE applications using Cygwin/X in multiwindow mode. I am able to start and use the applications, but the graphical appearance seems a bit off. Specifically, starting konsole or kdevelop shows some pink coloration behind the scrollbars. I have tried other X servers, such as that provided by Ubuntu, and the problem is not present, so I believe it to be specific to the Cygwin/X server. Does anyone else see this issue, or have I misconfigured my server? Cheers, Brad Keifenheim Software Development Engineer Dell | Compellent brad_keifenh...@dell.com -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
RE: X11 forwarding within LAN vs remote
From: cygwin-xfree-ow...@cygwin.com [mailto:cygwin-xfree- ow...@cygwin.com] On Behalf Of pelle412 I figured it out. My employer had installed McAfee Host Intrusion Prevention service and I can clearly see all the blocked TCP connections at port 6000 (Exceed). Disabling the service did the trick. Now I just have to figure out how to add an exception to it even though all means to edit it via the UI seems grayed out. Have you tried `ssh -Y`? HTH, Mike
X11 forwarding within LAN vs remote
This is my first post in this forum. I have a problem with X11 forwarding that has plagued me for months now. I have a desktop PC acting as a server. It runs OpenSSH. At work I have a laptop running Windows XP, Exceed X Server, and PuTTy. I can SSH to my home LAN very easily and display X applications remotely via Exceed. Here's the problem. I can not do the same if I connect to my cygwin server from within my LAN. All X11 apps just terminate with Error opening display. Both the laptop and the cygwin server have firewalls turned off. If I VPN to work from home with my laptop, then SSH back home to my cygwin server, then I _can_ display X11 apps, but not if I SSH direct within the LAN. My router is a D-Link Extreme N. -- View this message in context: http://old.nabble.com/X11-forwarding-within-LAN-vs-remote-tp27977014p27977014.html Sent from the cygwin-xfree mailing list archive at Nabble.com. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: X11 forwarding within LAN vs remote
I figured it out. My employer had installed McAfee Host Intrusion Prevention service and I can clearly see all the blocked TCP connections at port 6000 (Exceed). Disabling the service did the trick. Now I just have to figure out how to add an exception to it even though all means to edit it via the UI seems grayed out. -- View this message in context: http://old.nabble.com/X11-forwarding-within-LAN-vs-remote-tp27977014p27981385.html Sent from the cygwin-xfree mailing list archive at Nabble.com. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: Addition to FAQ 6.1 - X11 forwarding and xauth
Wheeler, Frederick W (GE, Research) wrote: I have an additional answer to Cygwin/X FAQ 6.1, X11Forwarding does not work with OpenSSH under Cygwin --- begin A6: If the *remote* machine is a Windows machine using Cygwin OpenSSH, make sure the Cygwin xauth package is installed on the *remote* machine. The OpenSSH server needs xauth to do X11 Forwarding. --- end Added, thank you. For a while I was confounded by this: % export DISPLAY=:0 % ssh -Y -f remote-windows-host printenv DISPLAY Warning: No xauth data; using fake authentication data for X11 forwarding. *** DISPLAY not printed here !!! *** % ssh -Y -f remote-unix-host printenv DISPLAY Warning: No xauth data; using fake authentication data for X11 forwarding. localhost:21.0 *** DISPLAY printed as expected *** I finally noticed a message about xauth in the output of ssh -vvv -Y -f remote-windows-host printenv DISPLAY This was hard enough to diagnose that I think it deserves the FAQ entry above. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Addition to FAQ 6.1 - X11 forwarding and xauth
I have an additional answer to Cygwin/X FAQ 6.1, X11Forwarding does not work with OpenSSH under Cygwin --- begin A6: If the *remote* machine is a Windows machine using Cygwin OpenSSH, make sure the Cygwin xauth package is installed on the *remote* machine. The OpenSSH server needs xauth to do X11 Forwarding. --- end For a while I was confounded by this: % export DISPLAY=:0 % ssh -Y -f remote-windows-host printenv DISPLAY Warning: No xauth data; using fake authentication data for X11 forwarding. *** DISPLAY not printed here !!! *** % ssh -Y -f remote-unix-host printenv DISPLAY Warning: No xauth data; using fake authentication data for X11 forwarding. localhost:21.0 *** DISPLAY printed as expected *** I finally noticed a message about xauth in the output of ssh -vvv -Y -f remote-windows-host printenv DISPLAY This was hard enough to diagnose that I think it deserves the FAQ entry above. Fred -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
FAQ: X11 forwarding
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 For all those having issues with untrusted X11 forwarding (IOW ssh -X): 1) First, please (re-)read this: http://x.cygwin.com/docs/faq/cygwin-x-faq.html#remote 2) I can confirm that ssh is hardcoded to look for xauth in /usr/X11R6/bin. The 5.1p1-9 release should fix that; in the meantime, you can add the following line to either ~/.ssh/config or /etc/ssh_config: XAuthLocation /usr/bin/xauth 3) Even if you do that, you will still get a warning: Warning: untrusted X11 forwarding setup failed: xauth key data not generated Which means that ssh is going to use *trusted* X11 forwarding anyway, because *untrusted* X11 forwarding depends on the Security (aka XC-Security) extension, which has been disabled by default upstream. Here's why: Trusted X11 forwarding means that you trust the server that you wish to ssh into is not using any keyloggers, screenshot utilities, packet sniffers, or anything else to hijack your connection, in which case X11 will allow it to do whatever a local client would be able to do. Untrusted X11 forwarding was meant to be a way to allow logins to unknown or insecure systems. It generates a cookie with xauth and uses the Security extension to limit what the remote client is allowed to do. But this is widely considered to be not useful, because the Security extension uses an arbitrary and limited access control policy, which results in a lot of applications not working correctly and what is really a false sense of security. This is true even today; I rebuilt XWin with Security enabled and 'ssh -X' into my linux VM, and got BadAccess errors from *any* GTK2 program. More on this subject: http://www.openssh.com/faq.html#3.13 http://www.nsa.gov/selinuX/papers/x11/x93.html Given the limited usefulness of untrusted X11 forwarding, *upstream* has disabled it by default in favour of other security models, but it has not yet been removed. So there are two options: A) Leave things as they are now, with that warning advising people that untrusted X11 forwarding is not available and that trusted mode is being used instead. The warning can be silenced by using ssh -Y, since that is what ssh -X is doing now anyway. B) Re-enable the Security extension together with the openssh update, and be swamped by questions that programs aren't running under ssh -X, and have to tell everyone that ssh -X is generally broken anyway and they should be using ssh -Y instead. Unless someone can show me a case where something works correctly with option (B) where it doesn't in (A), then I may reconsider, but otherwise everyone now understands that the Security extension is not really useful, not to be relied upon, and therefore is not available. Yaakov Cygwin/X -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkkgxwEACgkQpiWmPGlmQSOrMgCg58/L1MgjOUfzfyQn8CeApyCO jS0AoO6dCFxA16eeKkjdJiCrXk3wBetj =w+Nv -END PGP SIGNATURE- -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
X11 forwarding
Dear cygwin- Team i am training to connect my linux system from my windows XP system. I do it with putty and cygwin . but if i want start my x11 server. I get allways this error message: [EMAIL PROTECTED] /etc/X11 $ startx Welcome to the XWin X Server Vendor: The Cygwin/X Project Release: 6.8.2.0-4 Contact: cygwin-xfree@cygwin.com XWin was started with the following command line: X :0 -multiwindow -clipboard _XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root winValidateArgs - g_iNumScreens: 1 iMaxConsecutiveScreen: 1 winCheckDisplayNumber - Cygwin/X is already running on display 0 Fatal server error: InitOutput - Duplicate invocation on display number: 0. Exiting. winDeinitMultiWindowWM - Noting shutdown in progress giving up. xinit: Connection reset by peer (errno 104): unable to connect to X server xinit: No such process (errno 3): Server error. It would be nice if you can help me. Thank you verry much Max Pfeiffer -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: X11 forwarding
Max Pfeiffer wrote: Dear cygwin- Team i am training to connect my linux system from my windows XP system. I do it with putty and cygwin . but if i want start my x11 server. I get allways this error message: [EMAIL PROTECTED] /etc/X11 $ startx Welcome to the XWin X Server Vendor: The Cygwin/X Project Release: 6.8.2.0-4 Contact: cygwin-xfree@cygwin.com XWin was started with the following command line: X :0 -multiwindow -clipboard _XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root winValidateArgs - g_iNumScreens: 1 iMaxConsecutiveScreen: 1 winCheckDisplayNumber - Cygwin/X is already running on display 0 Fatal server error: InitOutput - Duplicate invocation on display number: 0. Exiting. winDeinitMultiWindowWM - Noting shutdown in progress giving up. xinit: Connection reset by peer (errno 104): unable to connect to X server xinit: No such process (errno 3): Server error. It would be nice if you can help me. The FAQ can help you: http://x.cygwin.com/docs/faq/cygwin-x-faq.html#duplicate-invocation The FAQ - a powerful force. Learn it. Know it. Live it. ;-) -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 216 Dalton Rd. (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
SSH X11 forwarding hang work around
There have been several posts in regard to the ssh -X/-Y hang, with no resolution. A simplistic work around is to simply not use xauth.exe. If the port that the X server is running on (i.e. 6000 by default) is only available via localhost, this should be reasonably secure vs. validating individual connections. Simply make xauth.exe unavailable with a command like: mv /usr/X11R6/bin/xauth.exe /usr/X11R6/bin/xauth.exe.nohang Then forwarding works: $ ssh -Y target Warning: No xauth data; using fake authentication data for X11 forwarding. Last login: Sat Apr 29 07:33:41 2006 from example $ Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
Hi Jack. ssh -Y ended up with me doing the following: $ /usr/X11R6/bin/xauth list 127.0.0.1:0.0 /usr/X11R6/bin/xauth: creating new authority file /home/phil/.Xauthority Nothing happened on the other xterm window, so I went looking for /home/phil/.Xauthority - it didn't exist! (yes, I typed ls -a) :) So I tried ssh -X ... and ended up with me doing the following: $ /usr/X11R6/bin/xauth -f /tmp/ssh-Q7ut6XsxFY/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 /usr/X11R6/bin/xauth: creating new authority file /tmp/ssh-Q7ut6XsxFY/xauthfile now a file called xauthfile was created in that directory, and its contents were: 0MIT-MAGIC-COOKIE-112 character long pseudorandom string But still, no movement on the xterm window. Here's the oddity: Why could I just start the Cygwin/X server and run putty for windows with X11 forwarding and it'll work just fine? Why would X-Win32 with its built-in StarnetSSH client work just fine completely on its own? Somebody else posted that ZoneAlarm jumps in the way of Cygwin's OpenSSH - even if ZoneAlarm is shut down, but I have a hard time believing that's the issue... - Phil Jack Tanner wrote: No, it should be on the local computer. Try this: run startxwin.bat, then open two xterms. In one, run the ssh -Y -vv ... command. When it freezes, in the other xterm try to run the xauth command by hand. By the way, I gave you the wrong command syntax below. That should've been $ /usr/X11R6/bin/xauth -f /tmp/ssh-WHATEVER/... If I'm wrong, and it is on the remote computer, then from the second xterm you should be able to ssh in without X forwarding, and try it on the remote machine. Philip H. Schlesinger wrote: That appears to be something generated on the fly - and by the looks of it, on the remote computer, as that directory doesn't exist. - Phil Jack Tanner wrote: Philip H. Schlesinger wrote: Jack Tanner wrote: debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? Not sure what you mean here...forgive my n00b-ness... Err, that should've said try that command by hand. As in, $ /tmp/ssh-WHATEVER/xauthfile generate [...] timeout 1200 (Drop the 2 /dev/null bit at the end, thus keeping the output from xauthfile from being redirected to /dev/null.) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
On 04/09/2006, Philip H. Schlesinger wrote: Somebody else posted that ZoneAlarm jumps in the way of Cygwin's OpenSSH - even if ZoneAlarm is shut down, but I have a hard time believing that's the issue... Well, you could help convince yourself one way or the other by uninstalling ZoneAlarm for the purposes of testing and try the failing scenario again. -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
ZoneAlarm, but I have the remote PC in my trusted list. Plus, both Cygwin/X/putty and X-Win32/StarnetSSH work fine, so this seems to be a Cygwin issue... The only way I've been able to use either the -X or -Y switches is to uninstall ZoneAlarm, shutting it down is insufficient. The problem, atleast in my case seems to have something to do with xauth getting stuck and never returning, it actually locks up to the point of having to shutdown the X server and usually causes Windows to hang when trying to logout or reboot. This used to work, I have an older system that I use occasionally that is running ZoneAlarm and an older version of Cygwin that I can use -X/-Y and works great. I've tried using this as a model to work backwards to diagnose with no luck. I've tried various times to debug and have given up, I manually set the X display variable myself like: ssh -R 6010:localhost:6000 target then after login: export DISPLAY=:10 Of course the issue is that I'm guessing on the target as to which port is open, but so far this has worked for me. Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Brett Serkez wrote: ZoneAlarm, but I have the remote PC in my trusted list. Plus, both Cygwin/X/putty and X-Win32/StarnetSSH work fine, so this seems to be a Cygwin issue... The only way I've been able to use either the -X or -Y switches is to uninstall ZoneAlarm, shutting it down is insufficient. The problem, atleast in my case seems to have something to do with xauth getting stuck and never returning, it actually locks up to the point of having to shutdown the X server and usually causes Windows to hang when trying to logout or reboot. This used to work, I have an older system that I use occasionally that is running ZoneAlarm and an older version of Cygwin that I can use -X/-Y and works great. I've tried using this as a model to work backwards to diagnose with no luck. I've tried various times to debug and have given up, I manually set the X display variable myself like: ssh -R 6010:localhost:6000 target then after login: export DISPLAY=:10 Of course the issue is that I'm guessing on the target as to which port is open, but so far this has worked for me. Still sounds like a ZoneAlarm issue. It's worth another look. -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Still sounds like a ZoneAlarm issue. It's worth another look. There was a time when this worked with ZoneAlarm, from the best I can recall, it was after a Cygwin update that it broke. My older system that I mentioned, is running almost the lastest ZA with an older Cygwin install and it works fine. I tried back reving a new system to the older version cygwin packages, but this didn't work. There was something that changed in cygwin that ZoneAlarm doesn't like. Since I'm unable to precisely identify what that is and ZoneLabs has been horrible in terms of any sort of response (not only this issue but many), I've written if off as unlikely to be resolved. Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Brett Serkez wrote: Still sounds like a ZoneAlarm issue. It's worth another look. There was a time when this worked with ZoneAlarm, from the best I can recall, it was after a Cygwin update that it broke. My older system that I mentioned, is running almost the lastest ZA with an older Cygwin install and it works fine. I tried back reving a new system to the older version cygwin packages, but this didn't work. There was something that changed in cygwin that ZoneAlarm doesn't like. Since I'm unable to precisely identify what that is and ZoneLabs has been horrible in terms of any sort of response (not only this issue but many), I've written if off as unlikely to be resolved. Well if you're absolutely sure ZoneAlarm is configured in exactly the same way on both systems, then looking at Cygwin may make some sense. Or if you're convinced that Cygwin is the problem regardless, take the new Cygwin DLL to the old system and try this out. Stepping forward slowly is easier than trying to back up, which I assume is what you meant when you said you tried to back rev and it didn't work. That should allow you to home in on where the problem starts for you and point you to where you'd want to concentrate your efforts to resolve it. -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Freezes: I type my password, hit enter, and I don't get any additional output. -vvv says that things are being sent to /dev/null What are you running for a firewall? ZoneAlarm, Norton... Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Hi Brett. ZoneAlarm, but I have the remote PC in my trusted list. Plus, both Cygwin/X/putty and X-Win32/StarnetSSH work fine, so this seems to be a Cygwin issue... - Phil Brett Serkez wrote: Freezes: I type my password, hit enter, and I don't get any additional output. -vvv says that things are being sent to /dev/null What are you running for a firewall? ZoneAlarm, Norton... Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Philip H. Schlesinger wrote: Hi Brett. ZoneAlarm, but I have the remote PC in my trusted list. Plus, both Cygwin/X/putty and X-Win32/StarnetSSH work fine, so this seems to be a Cygwin issue... It may well be a Cygwin/X issue (and I suggested you might go about debugging it), but it's really too bad you didn't bother with the FAQ. (And my bad for not picking up on the firewall potential. Thanks, Brett.) http://x.cygwin.com/docs/faq/cygwin-x-faq.html#freeze-at-startup - Phil Brett Serkez wrote: Freezes: I type my password, hit enter, and I don't get any additional output. -vvv says that things are being sent to /dev/null What are you running for a firewall? ZoneAlarm, Norton... Brett -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
RE: SSH X11 forwarding issues
I believe the use of '-X' has been depreciated. Try using '-Y' instead. Sterling -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip H. Schlesinger Sent: Wednesday, April 05, 2006 10:07 PM To: cygwin-xfree@cygwin.com Subject: SSH X11 forwarding issues Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Hi Sterling. I checked the man page and -Y is just -X with less security: -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. Nevertheless, same problem - it freezes after I type in my password. Other ideas? - Phil Sterling Baker wrote: I believe the use of '-X' has been depreciated. Try using '-Y' instead. Sterling -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip H. Schlesinger Sent: Wednesday, April 05, 2006 10:07 PM To: cygwin-xfree@cygwin.com Subject: SSH X11 forwarding issues Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
I tried the -vvv mode and here's the screen capture: debug3: no such identity: /home/phil/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: debug3: packet_send2: adding 32 (len 22 padlen 10 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null Sterling Baker wrote: I believe the use of '-X' has been depreciated. Try using '-Y' instead. Sterling -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip H. Schlesinger Sent: Wednesday, April 05, 2006 10:07 PM To: cygwin-xfree@cygwin.com Subject: SSH X11 forwarding issues Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
-Y is really what you want. Aside from that, anything useful from -vv? What about the server logs? And /tmp/Xwin.log? And what do you mean by freezes? Philip H. Schlesinger wrote: Hi Sterling. I checked the man page and -Y is just -X with less security: -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. Nevertheless, same problem - it freezes after I type in my password. Other ideas? - Phil Sterling Baker wrote: I believe the use of '-X' has been depreciated. Try using '-Y' instead. Sterling -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip H. Schlesinger Sent: Wednesday, April 05, 2006 10:07 PM To: cygwin-xfree@cygwin.com Subject: SSH X11 forwarding issues Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues
Hi Jack. See my other post at 9:19 am with the -vvv output. Freezes: I type my password, hit enter, and I don't get any additional output. -vvv says that things are being sent to /dev/null - Phil Jack Tanner wrote: -Y is really what you want. Aside from that, anything useful from -vv? What about the server logs? And /tmp/Xwin.log? And what do you mean by freezes? Philip H. Schlesinger wrote: Hi Sterling. I checked the man page and -Y is just -X with less security: -X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring. -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. Nevertheless, same problem - it freezes after I type in my password. Other ideas? - Phil Sterling Baker wrote: I believe the use of '-X' has been depreciated. Try using '-Y' instead. Sterling -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Philip H. Schlesinger Sent: Wednesday, April 05, 2006 10:07 PM To: cygwin-xfree@cygwin.com Subject: SSH X11 forwarding issues Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
Philip H. Schlesinger wrote: I tried the -vvv mode and here's the screen capture: debug1: Authentication succeeded (keyboard-interactive). OK, good. You're authenticated after entering your password. debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? 2) What do you get if you skip X-forwarding altogether? 3) What do you get if you rm the xauthority data on both sides of the connection? -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
Jack Tanner wrote: debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? Not sure what you mean here...forgive my n00b-ness... 2) What do you get if you skip X-forwarding altogether? Works fine. 3) What do you get if you rm the xauthority data on both sides of the connection? Only .Xauthority was on the remote PC, and problem still exists... debug3: no such identity: /home/phil/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: debug3: packet_send2: adding 32 (len 22 padlen 10 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Entering interactive session. debug2: callback start debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-Xc8hsbJjXZ/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null Jack Tanner wrote: Philip H. Schlesinger wrote: I tried the -vvv mode and here's the screen capture: debug1: Authentication succeeded (keyboard-interactive). OK, good. You're authenticated after entering your password. debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? 2) What do you get if you skip X-forwarding altogether? 3) What do you get if you rm the xauthority data on both sides of the connection? -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
Philip H. Schlesinger wrote: Jack Tanner wrote: debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? Not sure what you mean here...forgive my n00b-ness... Err, that should've said try that command by hand. As in, $ /tmp/ssh-WHATEVER/xauthfile generate [...] timeout 1200 (Drop the 2 /dev/null bit at the end, thus keeping the output from xauthfile from being redirected to /dev/null.) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
That appears to be something generated on the fly - and by the looks of it, on the remote computer, as that directory doesn't exist. - Phil Jack Tanner wrote: Philip H. Schlesinger wrote: Jack Tanner wrote: debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? Not sure what you mean here...forgive my n00b-ness... Err, that should've said try that command by hand. As in, $ /tmp/ssh-WHATEVER/xauthfile generate [...] timeout 1200 (Drop the 2 /dev/null bit at the end, thus keeping the output from xauthfile from being redirected to /dev/null.) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: SSH X11 forwarding issues (with verbose data)
No, it should be on the local computer. Try this: run startxwin.bat, then open two xterms. In one, run the ssh -Y -vv ... command. When it freezes, in the other xterm try to run the xauth command by hand. By the way, I gave you the wrong command syntax below. That should've been $ /usr/X11R6/bin/xauth -f /tmp/ssh-WHATEVER/... If I'm wrong, and it is on the remote computer, then from the second xterm you should be able to ssh in without X forwarding, and try it on the remote machine. Philip H. Schlesinger wrote: That appears to be something generated on the fly - and by the looks of it, on the remote computer, as that directory doesn't exist. - Phil Jack Tanner wrote: Philip H. Schlesinger wrote: Jack Tanner wrote: debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zfHmWgkGRG/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2/dev/null 1) What do you get if you try that by command hand (sans the /dev/null redirection)? Not sure what you mean here...forgive my n00b-ness... Err, that should've said try that command by hand. As in, $ /tmp/ssh-WHATEVER/xauthfile generate [...] timeout 1200 (Drop the 2 /dev/null bit at the end, thus keeping the output from xauthfile from being redirected to /dev/null.) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
SSH X11 forwarding issues
Hi all. I just upgraded my Cygwin to the latest version and found a rather interesting problem: I can do the following command in the bash window with no problem: ssh username@server location it prompts me for my password and then takes me in from there. -- However, if I: startx ssh -X username@server location It prompts me for my password and then hangs. -- If I: startxwin.bat ssh -X username@server location same problem: It prompts me for my password and then hangs. -- The only way I've successfully made a connection with X forwarding is: startxwin.bat Execute putty for windows with X11 forwarding enabled Enter username and password And I'm off and running... Help? - Phil -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
X11 forwarding connection refused
Hi I'm sorry I know this question has been asked many times but I have searched FAQ and followed all the suggestions listed there for X11 forwarding, for example I have set X11 forwarding to yes in the ssh_config files on both the client and the server. I have also set the DISPLAY variable, and tried using xhost + I have also tried some of the solutions previously mentioned but I still get the error message when I try and run any of the applications on our apps server... connect localhost port 6000: connection refused X connection to nimbus:12.0 broken (explicit kill or server shutdown) I will also add that I never get any of these problems with my apple mac versions of X11. Thanks Anna -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Re: X11 forwarding connection refused
On Fri, 30 Sep 2005, Anna Barnes wrote: Hi I'm sorry I know this question has been asked many times but I have searched FAQ and followed all the suggestions listed there for X11 forwarding, for example I have set X11 forwarding to yes in the ssh_config files on both the client and the server. I have also set the DISPLAY variable, and tried using xhost + I have also tried some of the solutions previously mentioned but I still get the error message when I try and run any of the applications on our apps server... connect localhost port 6000: connection refused X connection to nimbus:12.0 broken (explicit kill or server shutdown) I will also add that I never get any of these problems with my apple mac versions of X11. Sounds like the X server is not accepting connections. Can you run local X clients (e.g., xterm)? FWIW, you don't need to use xhost + with ssh forwarding. Also, see if http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-ssh-no-x11forwarding helps... Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_[EMAIL PROTECTED] ZZZzz /,`.-'`'-. ;-;;,_[EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D. '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! If there's any real truth it's that the entire multidimensional infinity of the Universe is almost certainly being run by a bunch of maniacs. /DA -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://x.cygwin.com/docs/ FAQ: http://x.cygwin.com/docs/faq/
Setup Version 2.457.2.2: SSH X11 Forwarding McAfee
Hello there, I have two identical full installations of cygwin that came with setup version 2.457.2.2 on two XP machines. One machine is running Zonealarm basic and the second McAfee security center. Both firewalls have properly assigned permissions to X11 programs and ssh. I use these machines to access Redhat servers using ssh -X and ssh -Y to enable X11 forwarding. I open an xterm from within a cygwin wmaker session and issue ssh commands. The machine with Zonealarm has no problem, i.e., it does login and function properly. The second machine with McAfee is able to login using ssh without any -X or -Y switch but the xterm hangs after I have entered the passwd when -X or -Y switches are included. I have performed another test scenario on the machine with McAfee. When I open an ssh session from putty and enable X11 tunneling, I can login and issue X commands from my putty session which results in executing those commands inside my wmaker session with no problem. Can somebody shed some light on how I can fix the problem with my XP machine running McAfee, i.e, I want to be able to run ssh command from within wmaker while enabling -X or -Y switches. Regards, HY __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Warning: No xauth data; using fake authentication data for x11 forwarding
On Tue, 26 Oct 2004, Jim Drash wrote: use ssh -X instead NO! ssh -X uses an UNTRUSTED X11 connection while ssh -Y uses a trusted connection. If you're not sure about what you say then don't mess with the users. This was one of most frequently asked questions a few months ago and I don't want to start answering the same question every day. ssh -Y is fine for all daily usage. If you know what you're dooing then use -X. But don't bother the mailinglist with strange errors which did not occur before. When I connect from cygwin to a remote host using 'ssh -Y', I get the warning: Warning: No xauth data; using fake authentication data for x11 forwarding How can I fix this? Live with it. It's just a warning. If it really bothers you then setup xauth. man Xsecurity will give you a quite detailed introduction to the whole X11 authentication schemes. But this is a quite complex task. There have been some threads on the mailing list about this topic (search for md5sum and xauth). bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
Warning: No xauth data; using fake authentication data for x11 forwarding
When I connect from cygwin to a remote host using 'ssh -Y', I get the warning: Warning: No xauth data; using fake authentication data for x11 forwarding How can I fix this? Thanks! kj
Re: Warning: No xauth data; using fake authentication data for x11 forwarding
use ssh -X instead On Tue, 26 Oct 2004 14:36:36 -0400 (EDT), [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: When I connect from cygwin to a remote host using 'ssh -Y', I get the warning: Warning: No xauth data; using fake authentication data for x11 forwarding How can I fix this? Thanks! kj
RE: Cygwin/X11 forwarding ques.
Alexander Gottwald wrote: There have been ideas to implement this with mirror video adapter drivers like utravnc uses them or with the x11drv from wine. But the last time i looked into it (esp. the wine x11drv driver) i found it nearly impossible to build it without spending a half live on it. Yet another status update: - UltraVNC Hook DLL is closed source and even the binary must be used with UltraVNC only. - The SetDDIHook function which was mentioned several times on the WinVNC mailinglist is vanisched from MSDN. - The Screen Drawing Data Pump (SDDP) which was mentioned as a successor to SetDDIHook is not documented by Microsoft either. It was part of the MSAM (Microsoft Accessibility Methods) and i could not find any references and working links to documentation. - UltraVNC has mentioned some other VNC products which use a less advanced hooking mechanism then UltraVNC but this is still worth a try (if it is open source). - Windows Longhorn will drop the old device drivers and use only DirectDraw. I guess with this change a new framework for hooking screen drawing is also introduced - Building a new device driver which uses a lot of functions from x11drv from wine will most likely be the best aproach. If anybody has more information about these topics I'd be glad to receive them. bye ago NP: Velvet Acid Christ - Haunted -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
Cygwin/X11 forwarding ques.
I think I know the answer to this already, but thought I'd check to make sure. (I googled first, but didn't find anything.) I know how to use X11 forwarding with Cygwin so that I can have GUI apps from my Linux box run remotely on my Windows box. Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my Windows box? I'm assuming the answer is no, since Windows apps aren't X Windows apps, but thought I'd check just in case. I actually tried this as an experiment: started up Cygwin's sshd on the win box and did an ssh -X into it. I was able to ssh in - and even launch an app (notepad). Problem was, of course, that notepad opened on the Windows box, and not remotely on the Linux box. Anyway, if there's any way to do something like this, please let me know. Thanks, DR P.S. Yes, I already know about VNC and the like. But I want to run individual Windows apps remotely, not the whole desktop. == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
Re: Cygwin/X11 forwarding ques.
On Thu, 1 Apr 2004, Rosenstrauch, David wrote: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my Windows box? No. This is not possible with X11 Forwarding. bye ago -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
RE: Cygwin/X11 forwarding ques.
-Original Message- From: Alexander Gottwald [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 11:30 AM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. On Thu, 1 Apr 2004, Rosenstrauch, David wrote: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my Windows box? No. This is not possible with X11 Forwarding. bye ago Thanks for the response. Your answer probably still stands, but I just wanted to point out a typo of mine, just in case it threw anyone off. That should have read: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my *LINUX* box? Thanks, DR == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
Re: Cygwin/X11 forwarding ques.
Rosenstrauch, David wrote: -Original Message- From: Alexander Gottwald [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 11:30 AM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. On Thu, 1 Apr 2004, Rosenstrauch, David wrote: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my Windows box? No. This is not possible with X11 Forwarding. bye ago Thanks for the response. Your answer probably still stands, but I just wanted to point out a typo of mine, just in case it threw anyone off. That should have read: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my *LINUX* box? No, but you can use either VNC or RDP (Remote Desktop Protocol) to accomplish this. VNC will work on pretty much any version of Windows, while RDP would require Windows XP Professional or Windows Server 2003 (set to remote admin mode, which allows a max of two remote sessions at a time). There are VNC and RDP clients for X systems, including those running Linux. Hope that helps, Harold
RE: Cygwin/X11 forwarding ques.
-Original Message- From: Harold L Hunt II [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 11:58 AM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. No, but you can use either VNC or RDP (Remote Desktop Protocol) to accomplish this. Thanks for the response, but ... from my original post: P.S. Yes, I already know about VNC and the like. But I want to run individual Windows apps remotely, not the whole desktop. Thanks, DR == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
Re: Cygwin/X11 forwarding ques.
Rosenstrauch, David wrote: -Original Message- From: Harold L Hunt II [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 11:58 AM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. No, but you can use either VNC or RDP (Remote Desktop Protocol) to accomplish this. Thanks for the response, but ... from my original post: P.S. Yes, I already know about VNC and the like. But I want to run individual Windows apps remotely, not the whole desktop. Didn't see it. I rarely read past the signature line now because of the gigantic BS quasi-legal disclaimers at the bottoms of most messages... like the one in yours :) Harold
RE: Cygwin/X11 forwarding ques.
On Thu, 1 Apr 2004, Rosenstrauch, David wrote: Thanks for the response. Your answer probably still stands, but I just wanted to point out a typo of mine, just in case it threw anyone off. That should have read: Is is possible, though, to do the opposite: i.e., use X11 forwarding to have GUI apps from my Windows box run remotely on my *LINUX* box? The limiting factor is not the destination os but the graphics system on the source. There is no way to export the windows drawing commands via X11. There have been ideas to implement this with mirror video adapter drivers like utravnc uses them or with the x11drv from wine. But the last time i looked into it (esp. the wine x11drv driver) i found it nearly impossible to build it without spending a half live on it. I could redirect you to a mailing list which had this goal too but the list is dead for about a year now after an initial lets take it on and discuss the correct name for our project and then let it die again hype. Anyway if you are interested, you can enjoy the silence in http://sources.redhat.com/ml/win32-x11/ (they've got about 30 messages in the last 18 months) bye ago, trying to stop ranting -- [EMAIL PROTECTED] http://www.gotti.org ICQ: 126018723
RE: Cygwin/X11 forwarding ques.
-Original Message- From: Harold L Hunt II [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 12:03 PM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. Didn't see it. I rarely read past the signature line now because of the gigantic BS quasi-legal disclaimers at the bottoms of most messages... like the one in yours :) Harold Yup. They are really annoying. Mine included. Don't blame me; I just work here. :-) Thanks, DR MMS csfb.cs-group.com made the following annotations. -- This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
RE: Cygwin/X11 forwarding ques.
-Original Message- From: Alexander Gottwald [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 12:13 PM To: '[EMAIL PROTECTED]' Subject: RE: Cygwin/X11 forwarding ques. The limiting factor is not the destination os but the graphics system on the source. There is no way to export the windows drawing commands via X11. There have been ideas to implement this with mirror video adapter drivers like utravnc uses them or with the x11drv from wine. But the last time i looked into it (esp. the wine x11drv driver) i found it nearly impossible to build it without spending a half live on it. OK. Thanks for the background info - greatly appreciated! DR == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
Re: Cygwin/X11 forwarding ques.
Why would you want to run a notepad ? is your vi infected by a new cygwin virus ? :) I actually tried this as an experiment: started up Cygwin's sshd on the win box and did an ssh -X into it. I was able to ssh in - and even launch an app (notepad). Problem was, of course, that notepad opened on the Windows box, and not remotely on the Linux box. = Sylvain Petreolle (spetreolle_at_users_dot_sourceforge_dot_net) Say NO to software patents Dites NON aux brevets logiciels You believe it's the year 1984, when in fact, its closer to 21841984 / Matrix Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ Dialoguez en direct avec vos amis grâce à Yahoo! Messenger !Téléchargez Yahoo! Messenger sur http://fr.messenger.yahoo.com
RE: Cygwin/X11 forwarding ques.
-Original Message- From: Sylvain Petreolle [mailto:[EMAIL PROTECTED] Sent: Thursday, April 01, 2004 12:40 PM To: [EMAIL PROTECTED] Subject: Re: Cygwin/X11 forwarding ques. Why would you want to run a notepad ? is your vi infected by a new cygwin virus ? :) Notepad was the test. Outlook's the goal. DR == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ==
X11 Forwarding solution
I think I've figured it out. The critical missing factor was xauth on the remote machine. I've summarized how I managed to get things to work below. - I have a machine that I am sitting at, we shall call it local. It is from here that I am running the ssh client to log into the remote machine and run my X11 app across the network. The remote machine can also be called the server, and is running sshd. This server machine has the X application that I wish to run. The remote box does NOT have to have an X server installed. It is a server, it doesn't need X; as long as the X applications have their libraries on the server, everything will be fine. The server must, however, have some X applications installed on it (e.g. ethereal). Without them, what would be the point of X11 forwarding!?! The server also MUST have a local copy of xauth for the ssh X11 forwarding to work. SSH uses the xauth on the local machine to set up an xauth entry for the dummy X server that it sets up. For Debian, this can be accomplished by installing the xbase-clients package. On the remote box, I also had to set the X11Forwarding variable to 'yes' in sshd_config. After telling sshd to reload its configuration files (or restarting it), I was able to do the normal steps to forward X11. ssh -l username -XC remote_machine You may also need to use the -A option to enable forwarding of the authentication agent connection. I'm not really sure of what this means, however. Be sure to check the command line parameters for your copy of ssh. I know that on a SunOS maachine, I use a command-line that looks like this: ssh -l username +X +C +a remote_machine Where the +a is that optional forwarding of the auth agent connection... I hope this clears it up for everyone. Thanks for your help! - [EMAIL PROTECTED] 703.413.1100 x5100
Re: ssh X11 Forwarding from menu in window manager
On Sun, 20 Jan 2002, R Dicaire wrote:
Hi, I'm trying to get ssh X11 forwarding working via a menu item in
a window manager (fvwm2) under X11 Cygwin. For the record, it works fine
under X11 Linux/blackbox.
In Cygwin, I startx, fvwm2 starts, my menu items for ssh -X are there,
but when I execute them, they just don't work. I watch the cygwin term I
started X from for errors, there are none, the Taskbar button for the
cygwin terminal however indicates xauth, and the remote app does not
start up in my X11 session.
All my ssh keys are correctly configured,
This is probably irrelevant. X11 forwarding is generally not related to
how you authenticated.
ssh -X works when executed
from an xterm inside X11 Cygwin, just not from the window manager menu.
I use ssh -X as a replacement for rsh to start remote X11 apps.
Am I missing something?
Try running this command from an xterm and not from a menu item (at least
until you get it working), because this way you can immediately see any
error messages.
First thing you should do is to use the -v (verbose) option of ssh to
get more information.
Maybe the remote server does not allow X11 forwarding?
Maybe you need to generate an initial xauthority token in your startx
script. My .xinitrc currently includes:
export DISPLAY=localhost:0
xauth generate $DISPLAY
xhost -
('xhost -' is not mandatory, but can help prevent some neighbours from
sniffing your dipplay)
There are probably better ways of doing this (suggestions anybody?), but
it currently works for me.
BTW: if you always use X11 forwarding (or always use it with some hosts)
consider setting in your config file:
Host = *
ForwardX11 = yes
or:
Host = somehost
ForwardX11 = yes
--
Tzafrir Cohen/\
mailto:[EMAIL PROTECTED]\ / ASCII Ribbon Campaign
Taub 229, 972-4-829-3942, X Against HTML Mail
http://www.technion.ac.il/~tzafrir / \
Re: ssh X11 Forwarding from menu in window manager
On Sun, 20 Jan 2002, R Dicaire wrote: Tzafrir Cohen wrote: Tzafrir, thanks for responding. All my ssh keys are correctly configured, This is probably irrelevant. X11 forwarding is generally not related to how you authenticated. Not sure what you mean here. In linux, I use ssh-agent, every terminal and xterm I log into sources a file at login that sets two ssh variables so I dont have to keep typing the passphrase for authentication to a remote host. Passwordless access. As I'd previously mentioned, this setup works fine in X11 under linux. I have this setup in Cygwin as well, and it works fine, except for executing ssh -X from window manager menu items. ssh-agent does something different: [ here follows a lengthy explanation of what ssh-agent does. Feel free to skip this if this doesn't interest you ] ssh supports authentication using private-key/public-key pairs. The idea is that only the client needs to know the private key (which is secret) and the server only needs to know the public key (which is not secret). So you create a key pair (ssh-keygen), make the private key (say, id_dsa) available to the client, and add the public key (id_dsa.pub in this case) to the list of authorized keys of the server. When a client tries to connect to the server and they decide to try public key authentication, the server encrypts a certain message with the public key, sends it to the client, and the client should be able to decrypt that message. So far, no need to type a password and no need for ssh-agent. This is fine if the client sits in your private computer at home, and you know that nobody else has access there. But what if other people have access to that directory? This can be the administrator of the system (if you only have a regular account there) or someone who happens to use your account for 5 minutes. Those people can get your private key, and from now on, present themselves as you. To prevent this, the private key can be saved localy in an encrypted for. This will require you to know a certain password (passphrase) just to be able to access the private key. But this means that you have to type a passphrase again for each connection. It does not travel the wires to the other side, but still, we don't want to keep typing the same password. ssh-agent is supposed to save you some typing. It saves (only in memory, and in a relatively secure way) decrypted private keys. Whenever you need to connect to a remote host, you ask the ssh-agent to do the public keys authentication for you. But all of this is totally unrelated to X11 forwarding. X11 forwarding takes place after the authentication has been established, in the final stages of setting a connection. It creates a socket on the server side that acts as an X server, and sets the client processes to use this server (by setting DISPLAY and adding an appropriate xauth key). Any connection to that dummy X server is transfered over the ssh connection to the original X server. ssh -X works when executed from an xterm inside X11 Cygwin, just not from the window manager menu. Sorry, I miss-read your message. Try instead to run (from the menu): xterm -e ssh -X What happens now? BTW: do you run 'ssh -X a command' ? Just 'ssh -X' is probably pointless if it is not already in a terminal (I'm not sure exactly what it is supopsed to do) First thing you should do is to use the -v (verbose) option of ssh to get more information. Maybe the remote server does not allow X11 forwarding? Since this works under Linux, its not a server issue. Still: have you tried using '-v'? It can provide you with some useful hints. Maybe you need to generate an initial xauthority token in your startx script. My .xinitrc currently includes: export DISPLAY=localhost:0 xauth generate $DISPLAY xhost - I tried adding this to .xinitrc, it didn't work. Same behaviour as before. BTW: if you always use X11 forwarding (or always use it with some hosts) consider setting in your config file: This will only make the '-X' switch unnecessary. see ssh (1). My servers and clients configurations are fine. Everything works fine under the various *nix platforms I run, just not under X11 Cygwin. I even tried sourcing the file that contains the two ssh vars for ssh-agent functionality from .xinitrc, no go. Neither did it work when I tried sourcing it as part of the window manager menu item itself. Under Linux, when one starts X, it looks like the shells environment is inherited by X, I'm thinking when X is started in Cygwin, such is not the case? What do you mean? It inherits the environment of the shell that created it (except some vars that were overriden) One difference between a standard unix environment and cygwin is that in a standard unix environment (at least in linux) the X server has to run with special priviliges, and therefore its invocation has to be wrapped with a special wrapper program (xinit, run
