ssh i x11forwarding

lord_Niedzwiedz sir_Misiek w o2.pl
Wto, 16 Kwi 2013, 18:23:38 CEST


        Mam zainstalowane.

On 15.04.2013 16:00, Grzesiek wrote:
> W dniu 15.04.2013 15:56, lord_Niedzwiedz pisze:
>>         A tak serio ;)
>>
>>     Po stronie serwera:
>> -bash-4.2# grep -v "^#" /etc/ssh/sshd_config | grep .
>> Port 22
>> ListenAddress 172.20.80.44
>> Protocol 2
>> PermitRootLogin no
>> MaxAuthTries 1
>> MaxSessions 4
>> IgnoreRhosts yes
>> PasswordAuthentication yes
>> PermitEmptyPasswords no
>> GSSAPIAuthentication yes
>> GSSAPICleanupCredentials yes
>> UsePAM yes
>> AllowTcpForwarding no
>> X11Forwarding yes
>> X11DisplayOffset 10
>> X11UseLocalhost yes
>> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
>> Subsystem    sftp    /usr/lib64/openssh/sftp-server
>> PrintMotd yes
>> Banner /etc/issue.net
>> AllowUSers grzegorz w 172.20.80.210/24
>>
>> Po stronie klienta:
>> (chyba nie ma to znaczenia ;) )
>> [root w Misiek ~]# grep -v "^#" /etc/ssh/sshd_config | grep .
>> PermitRootLogin no
>> AuthorizedKeysFile    .ssh/authorized_keys
>> IgnoreRhosts yes
>> PasswordAuthentication yes
>> PermitEmptyPasswords no
>> GSSAPIAuthentication yes
>> GSSAPICleanupCredentials yes
>> UsePAM yes
>> AllowTcpForwarding no
>> UsePrivilegeSeparation sandbox        # Default for new installations.
>> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
>> Subsystem    sftp    /usr/lib64/openssh/sftp-server
>>
>> Odpalam takie rzeczy jak KVM, czy VirtualBox.
>> Wszystko przechodzi bez pudła.
>>
>> Pozdro
>> Grzegorz
>>
>> On 15.04.2013 15:45, Paweł Lęcznar wrote:
>>> witam,
>>> czy obecnie działa komuś forwardowanie X'ów przez ssh? po stronie
>>> serwera mam:
>>>
>>> [root w server ~]# grep -v "^#" /etc/ssh/sshd_config | grep .
>>> Port 22
>>> AddressFamily any
>>> PermitRootLogin no
>>> AuthorizedKeysFile      .ssh/authorized_keys
>>> IgnoreRhosts yes
>>> PasswordAuthentication yes
>>> PermitEmptyPasswords no
>>> GSSAPIAuthentication yes
>>> GSSAPICleanupCredentials yes
>>> UsePAM yes
>>> AllowTcpForwarding yes
>>> X11Forwarding yes
>>> X11DisplayOffset 10
>>> X11UseLocalhost yes
>>> UsePrivilegeSeparation sandbox          # Default for new
>>> installations.
>>> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
>>> Subsystem       sftp    /usr/lib/openssh/sftp-server
>>>
>>>
>>> po stronie klienta:
>>>
>>> [root w laptop ~]# grep -v "^#" /etc/ssh/ssh_config | grep .
>>> Host *
>>>         GSSAPIAuthentication yes
>>>         GSSAPIDelegateCredentials no
>>>         ForwardAgent no
>>>         ForwardX11 yes
>>>         ForwardX11Trusted yes
>>>         StrictHostKeyChecking no
>>>         ServerAliveInterval 60
>>>         ServerAliveCountMax 10
>>>         TCPKeepAlive no
>>>         SendEnv LANG LC_* LANGUAGE TZ GIT_*
>>>
>>>
>>> próba logowania wygląda tak (bez fragmentów nieskojarzonych z
>>> forwardem x11):
>>> [user w laptop ~]# ssh 172.16.0.1 -l user -X -vvv
>>> ...
>>> debug2: x11_get_proto: /usr/bin/xauth  list :0 2>/dev/null
>>> debug1: Requesting X11 forwarding with authentication spoofing.
>>> debug2: channel 0: request x11-req confirm 1
>>> ...
>>> debug2: X11 forwarding request accepted on channel 0
>>> ...
>>>
>>> [user w server ~]$ echo $DISPLAY
>>> localhost:10.0
>>>
>>> [user w server ~]$ iceweasel
>>> debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max
>>> 16384
>>> debug1: client_request_x11: request from 127.0.0.1 41516
>>> debug2: fd 7 setting O_NONBLOCK
>>> debug3: fd 7 is O_NONBLOCK
>>> debug1: channel 1: new [x11]
>>> debug1: confirm x11
>>> debug1: client_input_channel_open: ctype x11 rchan 4 win 65536 max
>>> 16384
>>> debug1: client_request_x11: request from 127.0.0.1 41517
>>> debug2: fd 8 setting O_NONBLOCK
>>> debug3: fd 8 is O_NONBLOCK
>>> debug1: channel 2: new [x11]
>>> debug1: confirm x11
>>> [ i tutaj sobie wisi - nic się nie dzieje... ]
>>>
>>> na serwerze i kliencie wszystkie pakiety mam aktualne, gdzie szukać
>>> problemu?
>
> Masz zainstalowane xorg-app-xauth ?
> _______________________________________________
> pld-users-pl mailing list
> pld-users-pl w lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-users-pl
>



Więcej informacji o liście pld-users-pl