On 04/10/2017 11:59, Michael Felt wrote:
On 04/10/2017 11:28, Michael Felt wrote:
Looking further: How can I see what is failing? Can I add a character
to the whitelist (once I know what is rejected)?
imho: the cure may be worse than the illness if this means my X11
sessions are either "clear" or impossible - as they are not in the
SSH (encrypted) tunnel.
My apologies - it seems I may have been 'days' too late, and the
discussions about this are not (yet) spotted by the search engines -
as, I see yesterday there was a new release - and the change notes may
already provide some "debug" info...
From: https://www.openssh.com/releasenotes.html, Changes since
OpenSSH-7.5 ...
* sshd(8): add ExposeAuthInfo option that enables writing details of
the authentication methods used (including public keys where
applicable) to a file that is exposed via a $SSH_USER_AUTH
environment variable in the subsequent session.
Still have to think a bit about how this is to be setup...
OK - packaged and testing started. No info re: xauth, only the public key.
SSH_USER_AUTH=/tmp/sshauth.VsjLknn9UBh6NyY
# cat /tmp/sshauth.VsjLknn9UBh6NyY
publickey ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIHpKOP2...
# wc /tmp/sshauth.VsjLknn9UBh6NyY
1 3 391 /tmp/sshauth.VsjLknn9UBh6NyY
Wrong tree (as in barking up the wrong ...)?
Many thanks for your patience.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev