> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Margaret Doll > Sent: Tuesday, April 06, 2010 12:06 PM > To: General Red Hat Linux discussion list > Subject: Re: problem with S11 forwarding using ssh > > Bill, > > Have you enabled "ssh -X" in /etc/ssh/sshd_config? > > X11Forwarding yes Yes. > > > On Apr 6, 2010, at 9:57 AM, Tangren, Bill wrote: > > > This is a repost. The first post did not seem to arrive at the list. > > > > ----- > > > > I am trying to ssh from a Mac OS client to a RHEL 4 server, fully > > patched. It > > appears that doing an "ssh -X" no longer works, while "ssh" alone > > does. > > This > > is the debug info... > > > > $ ssh -X -vvv my.remote.ssh.server > > > > debug1: Reading configuration data /etc/ssh_config > > debug2: ssh_connect: needpriv 0 > > debug1: Connecting to my.remote.ssh.server port 22. > > debug1: Connection established. > > debug1: identity file /Users/me/.ssh/identity type -1 > > debug1: identity file /Users/me/.ssh/id_rsa type -1 > > debug1: identity file /Users/me/.ssh/id_dsa type -1 > > debug1: Remote protocol version 2.0, remote software version > > OpenSSH_3.9p1 > > debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.* > > debug1: Enabling compatibility mode for protocol 2.0 > > debug1: Local version string SSH-2.0-OpenSSH_5.2 > > debug2: fd 3 setting O_NONBLOCK > > debug1: SSH2_MSG_KEXINIT sent > > debug1: SSH2_MSG_KEXINIT received > > debug2: kex_parse_kexinit: > > diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange- > > sha1, > > diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > > debug2: kex_parse_kexinit: > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc, > > 3des-c > > bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael- > > cbc@l > > ysator.liu.se > > debug2: kex_parse_kexinit: > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc, > > 3des-c > > bc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael- > > cbc@l > > ysator.liu.se > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac- > > ripemd160@ope > > nssh.com,hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx,hmac-ripemd160,hmac- > > ripemd160@ope > > nssh.com,hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib > > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: first_kex_follows 0 > > debug2: kex_parse_kexinit: reserved 0 > > debug2: kex_parse_kexinit: > > diffie-hellman-group-exchange-sha1,diffie-hellman-group14- > > sha1,diffie-he > > llman-group1-sha1 > > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192- > > cbc,aes256-c > > bc,rijndael-cbc@xxxxxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192- > > cbc,aes256-c > > bc,rijndael-cbc@xxxxxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac- > > sha1-9 > > 6,hmac-md5-96 > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac- > > sha1-9 > > 6,hmac-md5-96 > > debug2: kex_parse_kexinit: none,zlib > > debug2: kex_parse_kexinit: none,zlib > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: first_kex_follows 0 > > debug2: kex_parse_kexinit: reserved 0 > > debug2: mac_setup: found hmac-md5 > > debug1: kex: server->client aes128-ctr hmac-md5 none > > debug2: mac_setup: found hmac-md5 > > debug1: kex: client->server aes128-ctr hmac-md5 none > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > debug2: dh_gen_key: priv key bits set: 128/256 > > debug2: bits set: 518/1024 > > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > > debug3: check_host_in_hostfile: filename /Users/me/.ssh/known_hosts > > debug3: check_host_in_hostfile: match line 2 > > debug3: check_host_in_hostfile: filename /Users/me/.ssh/known_hosts > > debug3: check_host_in_hostfile: match line 2 > > debug1: Host my.remote.ssh.server' is known and matches the RSA host > > key. > > debug1: Found key in /Users/me/.ssh/known_hosts:2 > > debug2: bits set: 529/1024 > > debug1: ssh_rsa_verify: signature correct > > debug2: kex_derive_keys > > debug2: set_newkeys: mode 1 > > debug1: SSH2_MSG_NEWKEYS sent > > debug1: expecting SSH2_MSG_NEWKEYS > > debug2: set_newkeys: mode 0 > > debug1: SSH2_MSG_NEWKEYS received > > debug1: SSH2_MSG_SERVICE_REQUEST sent > > debug2: service_accept: ssh-userauth > > debug1: SSH2_MSG_SERVICE_ACCEPT received > > debug2: key: /Users/me/.ssh/identity (0x0) > > debug2: key: /Users/me/.ssh/id_rsa (0x0) > > debug2: key: /Users/me/.ssh/id_dsa (0x0) > > debug3: input_userauth_banner > > You are accessing ... > > > > debug1: Authentications that can continue: > > publickey,gssapi-with-mic,password > > debug3: start over, passed a different list > > publickey,gssapi-with-mic,password > > debug3: preferred publickey,keyboard-interactive,password > > debug3: authmethod_lookup publickey > > debug3: remaining preferred: keyboard-interactive,password > > debug3: authmethod_is_enabled publickey > > debug1: Next authentication method: publickey > > debug1: Trying private key: /Users/me/.ssh/identity > > debug3: no such identity: /Users/me/.ssh/identity > > debug1: Trying private key: /Users/me/.ssh/id_rsa > > debug3: no such identity: /Users/me/.ssh/id_rsa > > debug1: Trying private key: /Users/me/.ssh/id_dsa > > debug3: no such identity: /Users/me/.ssh/id_dsa > > debug2: we did not send a packet, disable method > > debug3: authmethod_lookup password > > debug3: remaining preferred: ,password > > debug3: authmethod_is_enabled password > > debug1: Next authentication method: password me@xxxxxxxxxxxxxxxxxxxx > > password: > > debug3: packet_send2: adding 48 (len 70 padlen 10 extra_pad 64) > > debug2: we sent a password packet, wait for reply > > debug1: Authentication succeeded (password). > > debug1: channel 0: new [client-session] > > debug3: ssh_session2_open: channel_new: 0 > > debug2: channel 0: send open > > debug1: Entering interactive session. > > debug2: callback start > > debug2: x11_get_proto: /usr/X11R6/bin/xauth -f > > /tmp/ssh-nuslXLF8ZI/xauthfile > > generate /tmp/launch-CmH9LX/:0 > > MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null > > > > This is as far as it got before it failed. Can anyone tell me why? > > Is it > > maybe > > having problems with writing to the /tmp directory? > > > > Something has changed recently. I was able to do this several months > > ago, and > > no configuration files have changed on the server. In the > > /etc/ssh/sshd_config > > file, I have set > > > > X11Forwarding yes > > And just added > > X11UseLocalhost No, but that didn't help. > > > > Any ideas? > > > > > > ----- > > Bill Tangren > > > > > > -- > > redhat-list mailing list > > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
