subject:"Re\: x forwarding\?"

Re: x forwarding?

2012-03-14 Thread Adam Jackson

On Wed, 2012-03-14 at 03:27 -0400, gene heskett wrote:

> ssh -Y first machine works, and uses Display:10:0, ssh -Y second machine 
> doesn't, tries & fails to use Display 0:0.
> 
> Where & what does it take to enable the 2nd one? (not normally at the same 
> time)

Either:

a) The shell you launched ssh from for the second machine didn't have
$DISPLAY set,

b) sshd_config for the second machine doesn't have "X11Forwarding yes"
in it.

- ajax


signature.asc
Description: This is a digitally signed message part
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread gene heskett

On Wednesday, March 14, 2012 11:11:14 AM Adam Jackson did opine:

> On Wed, 2012-03-14 at 03:27 -0400, gene heskett wrote:
> > ssh -Y first machine works, and uses Display:10:0, ssh -Y second
> > machine doesn't, tries & fails to use Display 0:0.
> > 
> > Where & what does it take to enable the 2nd one? (not normally at the
> > same time)
> 
> Either:
> 
> a) The shell you launched ssh from for the second machine didn't have
> $DISPLAY set,
 
Same shell on this machine. login to shop works, to lathe doesn't. If its 
the login shell on the second machine, how do I set that?  And why should 
it be different since the install cd was the exact same cd?

I had to completely blacklist/disable ipv6 on the machine the XForward 
isn't working on.

> b) sshd_config for the second machine doesn't have "X11Forwarding yes"
> in it.

Contains, apparently by default:

X11Forwarding yes
X11DisplayOffset 10> 

> - ajax

I was pointed at the xauth command to fix this, but that man page has to 
rank near the top for all time obtuseness, and when executed on the non-
working machine, returns:

gene@lathe:~$ pwd
/home/gene
gene@lathe:~$ xauth list
xauth:  creating new authority file /home/gene/.Xauthority
gene@lathe:~$ cat .Xauthority
cat: .Xauthority: No such file or directory

for as many times as you want to hit the up-arrow & return.

Any better ideas?

Thanks all.

Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
Only a fool fights in a burning house.
-- Kank the Klingon, "Day of the Dove", stardate unknown
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread walter harms



Am 14.03.2012 16:24, schrieb gene heskett:
> On Wednesday, March 14, 2012 11:11:14 AM Adam Jackson did opine:
> 
>> On Wed, 2012-03-14 at 03:27 -0400, gene heskett wrote:
>>> ssh -Y first machine works, and uses Display:10:0, ssh -Y second
>>> machine doesn't, tries & fails to use Display 0:0.
>>>
>>> Where & what does it take to enable the 2nd one? (not normally at the
>>> same time)
>>
>> Either:
>>
>> a) The shell you launched ssh from for the second machine didn't have
>> $DISPLAY set,
>  
> Same shell on this machine. login to shop works, to lathe doesn't. If its 
> the login shell on the second machine, how do I set that?  And why should 
> it be different since the install cd was the exact same cd?
> 
> I had to completely blacklist/disable ipv6 on the machine the XForward 
> isn't working on.
> 

There is an issue with ipv6 an certain ssh configurations. I had this problem
you can see some strange errors in /var/log/

>> b) sshd_config for the second machine doesn't have "X11Forwarding yes"
>> in it.
> 
> Contains, apparently by default:
> 
> X11Forwarding yes
> X11DisplayOffset 10> 
> 
>> - ajax
> 
> I was pointed at the xauth command to fix this, but that man page has to 
> rank near the top for all time obtuseness, and when executed on the non-
> working machine, returns:
> 
> gene@lathe:~$ pwd
> /home/gene
> gene@lathe:~$ xauth list
> xauth:  creating new authority file /home/gene/.Xauthority
> gene@lathe:~$ cat .Xauthority
> cat: .Xauthority: No such file or directory
> 
> for as many times as you want to hit the up-arrow & return.
> 

This is strange, when ssh starts it should create the files.
i assume you did the ssh -v ?

re,
 wh


> Any better ideas?
> 
> Thanks all.
> 
> Cheers, Gene
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread gene heskett

On Wednesday, March 14, 2012 11:41:22 AM walter harms did opine:

> Am 14.03.2012 16:24, schrieb gene heskett:
> > On Wednesday, March 14, 2012 11:11:14 AM Adam Jackson did opine:
> >> On Wed, 2012-03-14 at 03:27 -0400, gene heskett wrote:
> >>> ssh -Y first machine works, and uses Display:10:0, ssh -Y second
> >>> machine doesn't, tries & fails to use Display 0:0.
> >>> 
> >>> Where & what does it take to enable the 2nd one? (not normally at
> >>> the same time)
> >> 
> >> Either:
> >> 
> >> a) The shell you launched ssh from for the second machine didn't have
> >> $DISPLAY set,
> > 
> > Same shell on this machine. login to shop works, to lathe doesn't. If
> > its the login shell on the second machine, how do I set that?  And
> > why should it be different since the install cd was the exact same
> > cd?
> > 
> > I had to completely blacklist/disable ipv6 on the machine the XForward
> > isn't working on.
> 
> There is an issue with ipv6 an certain ssh configurations. I had this
> problem you can see some strange errors in /var/log/
> 
> >> b) sshd_config for the second machine doesn't have "X11Forwarding
> >> yes" in it.
> > 
> > Contains, apparently by default:
> > 
> > X11Forwarding yes
> > X11DisplayOffset 10>
> > 
> >> - ajax
> > 
> > I was pointed at the xauth command to fix this, but that man page has
> > to rank near the top for all time obtuseness, and when executed on
> > the non- working machine, returns:
> > 
> > gene@lathe:~$ pwd
> > /home/gene
> > gene@lathe:~$ xauth list
> > xauth:  creating new authority file /home/gene/.Xauthority
> > gene@lathe:~$ cat .Xauthority
> > cat: .Xauthority: No such file or directory
> > 
> > for as many times as you want to hit the up-arrow & return.
> 
> This is strange, when ssh starts it should create the files.
> i assume you did the ssh -v ?
> 
Which gets noisy, but the last 2 lines are:
debug1: Requesting X11 forwarding with authentication spoofing.
X11 forwarding request failed on channel 0

Thanks.  And I'll have to get back to this later, I am putting a new engine 
in my pickup too.
> re,
>  wh
> 
> > Any better ideas?
> > 
> > Thanks all.
> > 
> > Cheers, Gene


Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
Anything is possible on paper.
-- Ron McAfee
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread Johannes Truschnigg

On Wed, Mar 14, 2012 at 11:43:01AM -0400, gene heskett wrote:
> On Wednesday, March 14, 2012 11:41:22 AM walter harms did opine:
> [...]
> Which gets noisy, but the last 2 lines are:
> debug1: Requesting X11 forwarding with authentication spoofing.
> X11 forwarding request failed on channel 0

Check if you have the xauth(1) program installed on the remote host you're
connecting to, and install it if it's not there yet. It missing has been the
reason for X11 forwarding not to work for me (with similar symptoms as you are
experiencing) in the past. ssh(1) tries to execute xauth on the remote side of
the connection if X11 forwardinf is requested by the client, and will not
explicitly state it has failed doing so.

-- 
with best regards:
- Johannes Truschnigg ( johan...@truschnigg.info )

www:   http://johannes.truschnigg.info/
phone: +43 650 2 17
xmpp:  johan...@truschnigg.info

Please do not bother me with HTML-email or attachments. Thank you.

signature.asc
Description: Digital signature
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread Alan Coopersmith


On 03/14/12 08:24 AM, gene heskett wrote:

I was pointed at the xauth command to fix this, but that man page has to
rank near the top for all time obtuseness, and when executed on the non-
working machine, returns:

gene@lathe:~$ pwd
/home/gene
gene@lathe:~$ xauth list
xauth:  creating new authority file /home/gene/.Xauthority
gene@lathe:~$ cat .Xauthority
cat: .Xauthority: No such file or directory


That's a misleading message, fixed a couple years ago in the xauth sources:
http://cgit.freedesktop.org/xorg/app/xauth/commit/?id=1c701094169b6e33f7faf21a269e949bf134a326
and included in xauth-1.0.5 and later releases.

Also note that a number of systems now no longer use $HOME/.Xauthority but
instead set the XAUTHORITY environment variable in your session to a
session specific file in /var for a variety of reasons, and if you're trying
to access xauth cookies from outside that session you'll need to find the
XAUTHORITY value in that session to match it.

--
-Alan Coopersmith-  alan.coopersm...@oracle.com
 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread gene heskett

On Wednesday, March 14, 2012 05:54:56 PM Johannes Truschnigg did opine:

> On Wed, Mar 14, 2012 at 11:43:01AM -0400, gene heskett wrote:
> > On Wednesday, March 14, 2012 11:41:22 AM walter harms did opine:
> > [...]
> > Which gets noisy, but the last 2 lines are:
> > debug1: Requesting X11 forwarding with authentication spoofing.
> > X11 forwarding request failed on channel 0
> 
> Check if you have the xauth(1) program installed on the remote host
> you're connecting to, and install it if it's not there yet. It missing
> has been the reason for X11 forwarding not to work for me (with similar
> symptoms as you are experiencing) in the past. ssh(1) tries to execute
> xauth on the remote side of the connection if X11 forwardinf is
> requested by the client, and will not explicitly state it has failed
> doing so.

It was installed, I reinstalled it, and executed an xhost + using sudo

No observable change.  The complete "ssh -Y -v lathe" session is:

[gene@coyote ~]$ ssh -Y -v lathe
OpenSSH_5.9p2, OpenSSL 1.0.0e 6 Sep 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 49: Applying options for *
debug1: Connecting to lathe [192.168.71.5] port 22.
debug1: Connection established.
debug1: identity file /home/gene/.ssh/identity type -1
debug1: identity file /home/gene/.ssh/identity-cert type -1
debug1: identity file /home/gene/.ssh/id_rsa type -1
debug1: identity file /home/gene/.ssh/id_rsa-cert type -1
debug1: identity file /home/gene/.ssh/id_dsa type -1
debug1: identity file /home/gene/.ssh/id_dsa-cert type -1
debug1: identity file /home/gene/.ssh/id_ecdsa type -1
debug1: identity file /home/gene/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 
Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 
67:fc:f6:d4:95:8c:46:6d:81:fe:dc:d2:85:a4:f5:76
debug1: Host 'lathe' is known and matches the RSA host key.
debug1: Found key in /home/gene/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/gene/.ssh/identity
debug1: Trying private key: /home/gene/.ssh/id_rsa
debug1: Trying private key: /home/gene/.ssh/id_dsa
debug1: Trying private key: /home/gene/.ssh/id_ecdsa
debug1: Next authentication method: password
gene@lathe's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
gene@lathe's password:
debug1: Authentication succeeded (password).
Authenticated to lathe ([192.168.71.5]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessi...@openssh.com
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
X11 forwarding request failed on channel 0
Linux lathe 2.6.32-122-rtai #rtai SMP Tue Jul 27 12:44:07 CDT 2010 i686 
GNU/Linux
Ubuntu 10.04.4 LTS

Welcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/

Last login: Wed Mar 14 11:40:43 2012 from coyote.coyote.den
gene@lathe:~$ xhost
xhost:  unable to open display ""
gene@lathe:~$ xauth list
xauth:  creating new authority file /home/gene/.Xauthority
gene@lathe:~$ xauth list
xauth:  creating new authority file /home/gene/.Xauthority
gene@lathe:~$

For someone experienced, there might be a clue above.

Thanks.

Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
A man with 3 wings and a dictionary is cousin to the turkey.
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-14 Thread gene heskett

On Wednesday, March 14, 2012 06:01:46 PM Alan Coopersmith did opine:

> On 03/14/12 08:24 AM, gene heskett wrote:
> > I was pointed at the xauth command to fix this, but that man page has
> > to rank near the top for all time obtuseness, and when executed on
> > the non- working machine, returns:
> > 
> > gene@lathe:~$ pwd
> > /home/gene
> > gene@lathe:~$ xauth list
> > xauth:  creating new authority file /home/gene/.Xauthority
> > gene@lathe:~$ cat .Xauthority
> > cat: .Xauthority: No such file or directory
> 
> That's a misleading message, fixed a couple years ago in the xauth
> sources:
> http://cgit.freedesktop.org/xorg/app/xauth/commit/?id=1c701094169b6e33f
> 7faf21a269e949bf134a326 and included in xauth-1.0.5 and later releases.
> 
> Also note that a number of systems now no longer use $HOME/.Xauthority
> but instead set the XAUTHORITY environment variable in your session to
> a session specific file in /var for a variety of reasons, and if you're
> trying to access xauth cookies from outside that session you'll need to
> find the XAUTHORITY value in that session to match it.

Same exact CD used for install on both boxes.  Boxes identical except newer 
one has a slightly bigger HD.

shop.coyote.den has a /home/gene/.Xauthority
$cat .Xauthority
coyote.coyote.den0MIT-MAGIC-COOKIE-1�MB��Z��
��恪bshop12MIT-MAGIC-
COOKIE-1R�ȝ��T�(+�jshop11MIT-MAGIC-COOKIE-17d��r�u]��_y�shop10MIT-
MAGIC-COOKIE-1��|]���F�.

But lathe.coyote.den does not have one.

$cat .Xauthority
cat: .Xauthority: No such file or directory

Consistency within a given distro would be nice and TBT it really is 
expected.  But this is turning into a crap shoot.  And in 77 years, the 
only thing I have learned about craps is that I do not know the first thing 
about playing it.

Any other ideas to check out folks?

Thanks.

Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
Would you care to drift aimlessly in my direction?
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

2012-03-15 Thread Glynn Clements


gene heskett wrote:

> No observable change.  The complete "ssh -Y -v lathe" session is:

In my experience, enabling debugging on the server side (via the
LogLevel directive in sshd_config) tends to be more useful than
the debug information produced by the client.

-- 
Glynn Clements 
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding? Fixed?

2012-03-15 Thread gene heskett

On Thursday, March 15, 2012 09:21:48 AM Glynn Clements did opine:

> gene heskett wrote:
> > No observable change.  The complete "ssh -Y -v lathe" session is:
> In my experience, enabling debugging on the server side (via the
> LogLevel directive in sshd_config) tends to be more useful than
> the debug information produced by the client.

In this case 'server' I assume being the machine I am targeting, aka 
'lathe'?

Actually, by a bit of googling, I found that adding "AddressFamily inet' to 
that machines sshd_config seems to have fixed that.  I still can't run it 
remotely but from the errors, I believe the $PATH on the target machine has 
been obfuscated somehow.  The program in question cannot find its startup 
resources now.

So I think I have a whole other problem now.

Thanks to all who took the time to reply, it is appreciated.

Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
Remember -- only 10% of anything can be in the top 10%.
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding? Fixed?

2012-03-15 Thread Glynn Clements

gene heskett wrote:

> > In my experience, enabling debugging on the server side (via the
> > LogLevel directive in sshd_config) tends to be more useful than
> > the debug information produced by the client.
> 
> In this case 'server' I assume being the machine I am targeting, aka 
> 'lathe'?

Yes; the machine running the sshd daemon.

The ssh client can only tell you what the ssh server tells it, and
it's in the nature of the "secure shell" protocol for the server not
to tell the client too much. It may tell it if something failed, but
probably not exactly how or why it failed.

-- 
Glynn Clements 
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding? Fixed?

2012-03-15 Thread gene heskett

On Friday, March 16, 2012 12:29:58 AM Glynn Clements did opine:

> gene heskett wrote:
> > > In my experience, enabling debugging on the server side (via the
> > > LogLevel directive in sshd_config) tends to be more useful than
> > > the debug information produced by the client.
> > 
> > In this case 'server' I assume being the machine I am targeting, aka
> > 'lathe'?
> 
> Yes; the machine running the sshd daemon.

I _think_ its running but I will add that debug level to the config file 
the next time I boot it.  I need to get the motor controllers & power 
supplies assembled next.  This box will be running a cnc'd lathe when its 
all assembled.

> The ssh client can only tell you what the ssh server tells it, and
> it's in the nature of the "secure shell" protocol for the server not
> to tell the client too much. It may tell it if something failed, but
> probably not exactly how or why it failed.

I can understand that reticence.  I was out in the garage a bit ago, 
updated that machine & then shut it off, intending to get some beauty 
sleep.  Alas, I've fooled around and failed, not that it would do me much 
good with all the calendars I've thrown away. ;-)

Thanks Glynn.

Cheers, Gene
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
My web page: 
Don't vote -- it only encourages them!
___
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: arch...@mail-archive.com

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding?

Re: x forwarding? Fixed?

Re: x forwarding? Fixed?

Re: x forwarding? Fixed?

12 matches

Site Navigation

Mail list logo

Footer information