Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] Help forwarding X via SSH
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
lyallp
Veteran
Veteran


Joined: 15 Jul 2004
Posts: 1555
Location: Adelaide/Australia

PostPosted: Wed Sep 12, 2012 1:57 am    Post subject: [Solved] Help forwarding X via SSH Reply with quote

I am trying to get X forwarded from a remote pc to my desktop.
The remote pc and local pc are both Gentoo.
Between the local and remote pc, I have a proxy.
I use 'net-misc/corkscrew' to allow SSH to connect to the remote machine.
Code:
$ cat config
# Abbreviating hostnames
Host remote-pc
    HostName remote-pc.example.com
    Port 22
    User lyall
    IdentityFile ~/.ssh/identity
    ProxyCommand corkscrew proxy.example.com 8080 %h %p

I can connect, using my keys, no problems.
However, I cannot seem to get
Code:
ssh remote-host -Y

The remote PC has a working X system, and I generally login, locally, using Fluxbox as my window manager. I use gdm as my greeter.
The local pc, has a similar setup, X, gdm and Fluxbox.
So, ssh remote-pc, just works.
ssh remote-pc -Y does not.
Output of ssh -v remote-pc -Y is as follows :-
Code:
$ ssh -v -Y lyalls-pc
OpenSSH_5.9p1-hpn13v11lpk, OpenSSL 1.0.0j 10 May 2012
debug1: Reading configuration data /home/pearcely/.ssh/config
debug1: /home/pearcely/.ssh/config line 2: Applying options for lyalls-pc
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Executing proxy command: exec corkscrew proxy.aus.hp.com 8080 lyalls-pc.dyndns.org 6503
debug1: permanently_drop_suid: 1000
debug1: identity file /home/pearcely/.ssh/identity type -1
debug1: identity file /home/pearcely/.ssh/identity-cert type -1
debug1: identity file /home/pearcely/.ssh/identity type -1
debug1: identity file /home/pearcely/.ssh/identity-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1-hpn13v11
debug1: match: OpenSSH_5.9p1-hpn13v11 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1-hpn13v11lpk
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: AUTH STATE IS 0
debug1: REQUESTED ENC.NAME is 'aes128-ctr'
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: REQUESTED ENC.NAME is 'aes128-ctr'
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 9a:72:42:23:d8:07:99:75:fe:24:dc:6b:d4:ac:13:d8
debug1: Host '[lyalls-pc.dyndns.org]:6503' is known and matches the RSA host key.
debug1: Found key in /home/pearcely/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/pearcely/.ssh/identity
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: Authentication succeeded (publickey).
Authenticated to lyalls-pc.dyndns.org (via proxy).
debug1: Final hpn_buffer_size = 131072
debug1: HPN Disabled: 0, HPN Buffer Size: 131072
debug1: channel 0: new [client-session]
debug1: Enabled Dynamic Window Scaling

debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
X11 forwarding request failed on channel 0
Last login: Wed Sep 12 10:59:10 CST 2012 from snopxyout-03.asiapac.hp.net on pts/0
Agent pid 3346
lyall@lyalls-pc:~


Any suggestions would be appreciated :)
_________________
...Lyall


Last edited by lyallp on Wed Sep 12, 2012 5:46 am; edited 1 time in total
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Wed Sep 12, 2012 2:24 am    Post subject: Reply with quote

doesn't ssh -X host is needed for X11 forwarding?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
BillWho
Veteran
Veteran


Joined: 03 Mar 2012
Posts: 1600
Location: US

PostPosted: Wed Sep 12, 2012 3:59 am    Post subject: Reply with quote

lyallp,

Is forwarding enabled on the server's sshd_config :?:

To enable it on the client side set it in ssh_config or you can use -X for a one-time session.
_________________
Good luck :wink:

Since installing gentoo, my life has become one long emerge :)
Back to top
View user's profile Send private message
dmpogo
Advocate
Advocate


Joined: 02 Sep 2004
Posts: 3264
Location: Canada

PostPosted: Wed Sep 12, 2012 4:06 am    Post subject: Reply with quote

DaggyStyle wrote:
doesn't ssh -X host is needed for X11 forwarding?


-X has been flaky for the last few years, and I do remember an advice to use -Y instead. Indeed, on my machines -X does not work somehow, while -Y does.


and checking that X forwarding is allowed on the server side I think should solve this thread problem indeed. By default it is disabled.
Back to top
View user's profile Send private message
Hypnos
Advocate
Advocate


Joined: 18 Jul 2002
Posts: 2889
Location: Omnipresent

PostPosted: Wed Sep 12, 2012 4:16 am    Post subject: Reply with quote

BTW, for X11 forwarding to work, the ssh server must be emerged with the "X" USE flag -- this will pull in xauth .
_________________
Personal overlay | Simple backup scheme
Back to top
View user's profile Send private message
dmpogo
Advocate
Advocate


Joined: 02 Sep 2004
Posts: 3264
Location: Canada

PostPosted: Wed Sep 12, 2012 4:46 am    Post subject: Reply with quote

Hypnos wrote:
BTW, for X11 forwarding to work, the ssh server must be emerged with the "X" USE flag -- this will pull in xauth .



well, xauth is pulled in unconditionally by xorg-server, so it is probably on that system anyway
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Wed Sep 12, 2012 5:07 am    Post subject: Reply with quote

dmpogo wrote:
DaggyStyle wrote:
doesn't ssh -X host is needed for X11 forwarding?


-X has been flaky for the last few years, and I do remember an advice to use -Y instead. Indeed, on my machines -X does not work somehow, while -Y does.


and checking that X forwarding is allowed on the server side I think should solve this thread problem indeed. By default it is disabled.

funny, didn't know that feature exists, thanks for the clear up.
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
lyallp
Veteran
Veteran


Joined: 15 Jul 2004
Posts: 1555
Location: Adelaide/Australia

PostPosted: Wed Sep 12, 2012 5:46 am    Post subject: Reply with quote

I did not have X forwarding enabled on the server!

I found out about the -Y option (as opposed to the -X). Apparently, -X gives untrusted forwarding, whilst -Y gives trusted forwarding and is not reliant on the X11 Security extension. (so says the ssh man page).

Here I was thinking it was the proxy or something on the client side...

Thanks people. :)
_________________
...Lyall
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum