Bug#504757: openssh-server: X11 Forwarding requires xauth but fails silently if xauth not installed
Package: openssh-server
Version: 1:5.1p1-2
Severity: normal
When using ssh -X user@host there is no indication at all why X11
Forwarding doesn't work.
The client should detect the -X and, if the server has X11Forward set
false, should inform the user. Similarly, if the server is unable to
establish an X11 connection, the user should be informed that
xauth/xlibs-base is needed.
Even running debug output only gets this:
no xauth:
debug1: server_input_channel_req: channel 0 request x11-req reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req x11-req
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
with xauth:
debug1: server_input_channel_req: channel 0 request x11-req reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req x11-req
debug1: channel 1: new [X11 inet listener]
debug1: channel 2: new [X11 inet listener]
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request exec reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req exec
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.27.4 (PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-server depends on:
ii adduser 3.108 add and remove users and groups
ii debconf [debconf-2.0] 1.5.23 Debian configuration management sy
ii dpkg 1.14.20 Debian package management system
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libcomerr2 1.41.0-3 common error description library
ii libkrb53 1.6.dfsg.4~beta1-3 MIT Kerberos runtime libraries
ii libpam-modules 1.0.1-1 Pluggable Authentication Modules f
ii libpam-runtime 1.0.1-1 Runtime support for the PAM librar
ii libpam0g 1.0.1-1 Pluggable Authentication Modules l
ii libselinux1 2.0.65-2 SELinux shared libraries
ii libssl0.9.8 0.9.8g-12 SSL shared libraries
ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-15 Linux Standard Base 3.2 init scrip
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
ii openssh-client 1:5.1p1-2 secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-server recommends:
ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op
ii xauth 1:1.0.3-2 X authentication utility
Versions of packages openssh-server suggests:
pn molly-guard <none> (no description available)
pn rssh <none> (no description available)
ii ssh-askpass 1:1.2.4.1-7 under X, asks user for a passphras
-- debconf information:
ssh/insecure_rshd:
ssh/vulnerable_host_keys:
* ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/disable_cr_auth: false
ssh/encrypted_host_key_but_no_keygen:
Reply to: