Bug#574035: openssh-server: sshd_config(5) should mention that the server needs xauth for X11 forwarding

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#574035: openssh-server: sshd_config(5) should mention that the server needs xauth for X11 forwarding
From: Samuel Thibault <sthibault@debian.org>
Date: Mon, 15 Mar 2010 22:24:14 +0100
Message-id: <[🔎] 20100315212414.GA10640@const.famille.thibault.fr>
Reply-to: Samuel Thibault <sthibault@debian.org>, 574035@bugs.debian.org

Package: openssh-server
Version: 1:5.3p1-3
Severity: normal

Hello,

It now happened several times that I had to tell a colleague that to
enable X11 forwarding on a server, he needed to install the xauth
program. If the sshd_config(5) paragraph about the X11Forwarding option
was mentioning that xauth is needed for proper setup, they would
probably have found by themselves, as well as all the other admins who
didn't ask somebody else to solve their issue and just gave up or (oh
horror) simply used xhost +...

Samuel

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.33 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-server depends on:
ii  adduser                3.112             add and remove users and groups
ii  debconf [debconf-2.0]  1.5.28            Debian configuration management sy
ii  dpkg                   1.15.5.6          Debian package management system
ii  libc6                  2.10.2-6          Embedded GNU C Library: Shared lib
ii  libcomerr2             1.41.10-1         common error description library
ii  libgssapi-krb5-2       1.8+dfsg~alpha1-7 MIT Kerberos runtime libraries - k
ii  libkrb5-3              1.8+dfsg~alpha1-7 MIT Kerberos runtime libraries
ii  libpam-modules         1.1.1-2           Pluggable Authentication Modules f
ii  libpam-runtime         1.1.1-2           Runtime support for the PAM librar
ii  libpam0g               1.1.1-2           Pluggable Authentication Modules l
ii  libselinux1            2.0.89-4          SELinux runtime shared libraries
ii  libssl0.9.8            0.9.8m-2          SSL shared libraries
ii  libwrap0               7.6.q-18          Wietse Venema's TCP wrappers libra
ii  lsb-base               3.2-23            Linux Standard Base 3.2 init scrip
ii  openssh-blacklist      0.4.1             list of default blacklisted OpenSS
ii  openssh-client         1:5.3p1-3         secure shell (SSH) client, for sec
ii  procps                 1:3.2.8-8         /proc file system utilities
ii  zlib1g                 1:1.2.3.4.dfsg-3  compression library - runtime

Versions of packages openssh-server recommends:
ii  openssh-blacklist-extra       0.4.1      list of non-default blacklisted Op
ii  xauth                         1:1.0.4-1  X authentication utility

Versions of packages openssh-server suggests:
pn  molly-guard                  <none>      (no description available)
pn  rssh                         <none>      (no description available)
ii  ssh-askpass                  1:1.2.4.1-9 under X, asks user for a passphras
pn  ufw                          <none>      (no description available)

-- debconf information excluded

-- 
Samuel Thibault <samuel.thibault@fnac.net>
 SL> Au fait elle est mieux ma signature maintenant ?
 Oui. T'enl�ve encore les conneries que t'as �crit dedans et c'est bon.
 -+- JB in <http://neuneu.mine.nu> : Le neueuttoyage par le vide -+-

Reply to:

Prev by Date: Bug#573739: openssh-client: GSSAPIDelegateCredentials no longer works
Next by Date: Re: Regarding CVE-2006-4925
Previous by thread: Bug#573739: openssh-client: GSSAPIDelegateCredentials no longer works
Next by thread: Processed: ipv6 release goal
Index(es):
- Date
- Thread