ssh i x11forwarding

Grzesiek gzohop w gmail.com
Pon, 15 Kwi 2013, 16:00:57 CEST 

W dniu 15.04.2013 15:56, lord_Niedzwiedz pisze:
>         A tak serio ;)
>
>     Po stronie serwera:
> -bash-4.2# grep -v "^#" /etc/ssh/sshd_config | grep .
> Port 22
> ListenAddress 172.20.80.44
> Protocol 2
> PermitRootLogin no
> MaxAuthTries 1
> MaxSessions 4
> IgnoreRhosts yes
> PasswordAuthentication yes
> PermitEmptyPasswords no
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
> UsePAM yes
> AllowTcpForwarding no
> X11Forwarding yes
> X11DisplayOffset 10
> X11UseLocalhost yes
> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
> Subsystem    sftp    /usr/lib64/openssh/sftp-server
> PrintMotd yes
> Banner /etc/issue.net
> AllowUSers grzegorz w 172.20.80.210/24
>
> Po stronie klienta:
> (chyba nie ma to znaczenia ;) )
> [root w Misiek ~]# grep -v "^#" /etc/ssh/sshd_config | grep .
> PermitRootLogin no
> AuthorizedKeysFile    .ssh/authorized_keys
> IgnoreRhosts yes
> PasswordAuthentication yes
> PermitEmptyPasswords no
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
> UsePAM yes
> AllowTcpForwarding no
> UsePrivilegeSeparation sandbox        # Default for new installations.
> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
> Subsystem    sftp    /usr/lib64/openssh/sftp-server
>
> Odpalam takie rzeczy jak KVM, czy VirtualBox.
> Wszystko przechodzi bez pudła.
>
> Pozdro
> Grzegorz
>
> On 15.04.2013 15:45, Paweł Lęcznar wrote:
>> witam,
>> czy obecnie działa komuś forwardowanie X'ów przez ssh? po stronie 
>> serwera mam:
>>
>> [root w server ~]# grep -v "^#" /etc/ssh/sshd_config | grep .
>> Port 22
>> AddressFamily any
>> PermitRootLogin no
>> AuthorizedKeysFile      .ssh/authorized_keys
>> IgnoreRhosts yes
>> PasswordAuthentication yes
>> PermitEmptyPasswords no
>> GSSAPIAuthentication yes
>> GSSAPICleanupCredentials yes
>> UsePAM yes
>> AllowTcpForwarding yes
>> X11Forwarding yes
>> X11DisplayOffset 10
>> X11UseLocalhost yes
>> UsePrivilegeSeparation sandbox          # Default for new installations.
>> AcceptEnv LANG LC_* LANGUAGE TZ GIT_*
>> Subsystem       sftp    /usr/lib/openssh/sftp-server
>>
>>
>> po stronie klienta:
>>
>> [root w laptop ~]# grep -v "^#" /etc/ssh/ssh_config | grep .
>> Host *
>>         GSSAPIAuthentication yes
>>         GSSAPIDelegateCredentials no
>>         ForwardAgent no
>>         ForwardX11 yes
>>         ForwardX11Trusted yes
>>         StrictHostKeyChecking no
>>         ServerAliveInterval 60
>>         ServerAliveCountMax 10
>>         TCPKeepAlive no
>>         SendEnv LANG LC_* LANGUAGE TZ GIT_*
>>
>>
>> próba logowania wygląda tak (bez fragmentów nieskojarzonych z 
>> forwardem x11):
>> [user w laptop ~]# ssh 172.16.0.1 -l user -X -vvv
>> ...
>> debug2: x11_get_proto: /usr/bin/xauth  list :0 2>/dev/null
>> debug1: Requesting X11 forwarding with authentication spoofing.
>> debug2: channel 0: request x11-req confirm 1
>> ...
>> debug2: X11 forwarding request accepted on channel 0
>> ...
>>
>> [user w server ~]$ echo $DISPLAY
>> localhost:10.0
>>
>> [user w server ~]$ iceweasel
>> debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384
>> debug1: client_request_x11: request from 127.0.0.1 41516
>> debug2: fd 7 setting O_NONBLOCK
>> debug3: fd 7 is O_NONBLOCK
>> debug1: channel 1: new [x11]
>> debug1: confirm x11
>> debug1: client_input_channel_open: ctype x11 rchan 4 win 65536 max 16384
>> debug1: client_request_x11: request from 127.0.0.1 41517
>> debug2: fd 8 setting O_NONBLOCK
>> debug3: fd 8 is O_NONBLOCK
>> debug1: channel 2: new [x11]
>> debug1: confirm x11
>> [ i tutaj sobie wisi - nic się nie dzieje... ]
>>
>> na serwerze i kliencie wszystkie pakiety mam aktualne, gdzie szukać 
>> problemu?

Masz zainstalowane xorg-app-xauth ?

Więcej informacji o liście pld-users-pl