LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   cannot ssh forward with the usual settings (https://www.linuxquestions.org/questions/linux-software-2/cannot-ssh-forward-with-the-usual-settings-483755/)

kpachopoulos 09-15-2006 09:36 AM

cannot ssh forward with the usual settings
 
Hi,
i cannot ssh forward, although i have the usual settings -except the fact that the server is running on Linux-Vserver guest on Sarge.

Here's what i get when i try to run firestarter or nedit for ex:
Code:

ipcop:~# firestarter
X11 connection rejected because of wrong authentication.
The application 'firestarter' lost its connection to the display localhost:10.0;
most likely the X server was shut down or you killed/destroyed
the application.
ipcop:~# nedit
X11 connection rejected because of wrong authentication.
X connection to localhost:10.0 broken (explicit kill or server shutdown).

I issued this command for the Vserver host to route "ipcop":
Code:

ip addr add 10.0.0.6/24 broadcast + dev eth0

where 10.0.0.6 is the addr of "ipcop"

Here's the /etc/ssh/sshd_config of the "ipcop" server:
Code:

# Package generated configuration file
# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 600
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile    %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Change to yes to enable tunnelled clear text passwords
PasswordAuthentication no

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

Subsystem      sftp    /usr/lib/sftp-server

UsePAM yes

Here's the /etc/ssh/ssh_config of the client:
Code:

#      $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#  ForwardAgent no
ForwardAgent yes
#  ForwardX11 no
ForwardX11 yes
#  ForwardX11Trusted yes
ForwardX11Trusted yes
#  RhostsRSAAuthentication no
#  RSAAuthentication yes
#  PasswordAuthentication yes
#  HostbasedAuthentication no
#  BatchMode no
#  CheckHostIP yes
#  AddressFamily any
#  ConnectTimeout 0
#  StrictHostKeyChecking ask
#  IdentityFile ~/.ssh/identity
#  IdentityFile ~/.ssh/id_rsa
#  IdentityFile ~/.ssh/id_dsa
#  Port 22
#  Protocol 2,1
#  Cipher 3des
#  Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#  EscapeChar ~
#  Tunnel no
#  TunnelDevice any:any
#  PermitLocalCommand no
    SendEnv LANG LC_*
    HashKnownHosts yes


kpachopoulos 09-15-2006 10:54 AM

Could it be a firewall/port issue?


All times are GMT -5. The time now is 04:42 AM.