ssh -Y -l user etc,etc
gene heskett
gheskett at wdtv.com
Fri Feb 25 12:31:41 PST 2011
On Friday, February 25, 2011 03:26:57 pm Glynn Clements did opine:
> gene heskett wrote:
> > > Note that if you change DISPLAY manually (via "export"), you may
> > > also need to update the X authentication credentials with xauth.
> >
> > I recall I did have to use xauth at one time, years ago. Unforch, no
> > man pages for it are installed, and the --help output is criminally
> > concise.
> >
> > If I do an 'xauth list', it only spits out one cookie, for the wap11
> > at *.*.*.100 on my local network.
>
> Is that on "shop" or "coyote"?
>
I believe that was on coyote, that command spits out one cookie and hangs
till cntrl-c'd.
On shop:
gene at shop:~/emc2/configs/genes-mill$ xauth list
coyote.coyote.den/unix:0 MIT-MAGIC-COOKIE-1 b6etcetcetc
shop/unix:10 MIT-MAGIC-COOKIE-1 d0etcetcetc
> "ssh -Y shop ..." (or -X) should add an xauth entry on "shop" along
> the lines of:
>
> shop/unix:10 MIT-MAGIC-COOKIE-1 fedcba9876543210fedcba9876543210
Its there,. different cookie hash though.
> It should do this regardless of whether coyote's X server uses
> xauth-style authentication (which is typically the case when started
> via a display manager such as xdm, gdm, kdm, etc) or xhost-style
> authentication (which is typically the case when started directly or
> via startx).
>
> However: it *doesn't* do this if you have a ~/.ssh/rc or
> /etc/ssh/sshrc script. In that case, sshd passes the authentication
> data to the script's stdin, and the script has to create the xauth
> entries itself. This step is non-optional if you want to use X11
> forwarding; if you have an rc script and it doesn't add the xauth
> data, sshd's X proxy will end up refusing the connections.
>
> The "SSHRC" section in the sshd(8) manpage goes into more detail.
>
> > X11UseLocalHost is
> > #X11UseLocalhost yes in /etc/ssh/sshd_config
> > commented out. Does changing that need a reboot?
>
> It requires restarting sshd, either with "kill -HUP ..." or whatever
> mechanism your Linux distribution uses for managing services (e.g.
> something like: "/etc/init.d/sshd restart").
>
> But I don't think that will make any difference.
Thanks Glynn. I just found something in shops dmesg after enabling a bit
of debugging in emc, and I'll take that to the emc list.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
<http://tinyurl.com/ddg5bz>
He who enters his wife's dressing room is a philosopher or a fool.
-- Balzac
More information about the xorg
mailing list