ssh&xauth issues aren't quite new I know, but even after searching some threads I still didn't found what I'm looking for.
I want to use ssh -X (not ssh -Y, which works! Main reason: I don't want remote X apps to temper with my controls) to start X applications remotly on my gentoo box.
But every time i logged in, I got these
Code: Select all
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
running ssh -vvv -X remotehost reveals
Code: Select all
debug2: x11_get_proto: /usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
Code: Select all
$/usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200
$/usr/bin/xauth: error in locking authority file /tmp/ssh-iEnVnh4826/xauthfile
Code: Select all
$mkdir /tmp/ssh-iEnVnh4826/
$/usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200
/usr/bin/xauth: creating new authority file /tmp/ssh-iEnVnh4826/xauthfile
/usr/bin/xauth: (argv):1: couldn't query Security extension on display ":0.0"
http://bugs.gentoo.org/237778
So it seems the untrusted clients functionality is broken (unsafe hashs, whatever...) and the Xserver - "Security extensions" are disabled by default by the gentoo developers.
So its still ssh -Y after all.
good day