Bug#595014: openssh-server: X11Forwarding does not work when net.ipv6.conf.all.disable_ipv6 = 1
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: Bug#595014: openssh-server: X11Forwarding does not work when net.ipv6.conf.all.disable_ipv6 = 1
- From: Jean-Christophe Dubacq <jcdubacq1@free.fr>
- Date: Tue, 31 Aug 2010 14:47:12 +0200
- Message-id: <20100831124712.18506.47679.reportbug@localhost.localdomain>
- Reply-to: Jean-Christophe Dubacq <jcdubacq1@free.fr>, 595014@bugs.debian.org
Package: openssh-server
Version: 1:5.5p1-4
Severity: normal
It was a bit difficult to find, but when doing net.ipv6.conf.all.disable_ipv6 = 1
(and thus disabling ipv6 at the kernel level, which was required for our network
setup here), the X11 forwarding does not work any more as shown by this piece
of output of sshd -D -ddd:
[...]
debug2: bind port 6548: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6549: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6550: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6551: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6552: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6553: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6554: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
debug2: bind port 6555: Cannot assign requested address
debug3: sock_set_v6only: set socket 10 IPV6_V6ONLY
[...]
More annoying, this fails completely silently.
I can provide more output if required.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable'), (100, 'unstable'), (50, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.112 add and remove users and groups
ii debconf [debconf-2.0] 1.5.35 Debian configuration management sy
ii dpkg 1.15.7.2 Debian package management system
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.12-2 common error description library
ii libgssapi-krb5-2 1.8.3+dfsg~beta1-1 MIT Kerberos runtime libraries - k
ii libkrb5-3 1.8.3+dfsg~beta1-1 MIT Kerberos runtime libraries
ii libpam-modules 1.1.1-4 Pluggable Authentication Modules f
ii libpam-runtime 1.1.1-4 Runtime support for the PAM librar
ii libpam0g 1.1.1-4 Pluggable Authentication Modules l
ii libselinux1 2.0.96-1 SELinux runtime shared libraries
ii libssl0.9.8 0.9.8o-2 SSL shared libraries
ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
ii openssh-client 1:5.5p1-4 secure shell (SSH) client, for sec
ii procps 1:3.2.8-9 /proc file system utilities
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages openssh-server recommends:
ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op
ii xauth 1:1.0.4-1 X authentication utility
Versions of packages openssh-server suggests:
pn molly-guard <none> (no description available)
pn rssh <none> (no description available)
ii ssh-askpass 1:1.2.4.1-9 under X, asks user for a passphras
pn ufw <none> (no description available)
-- debconf information:
* ssh/insecure_rshd:
* ssh/vulnerable_host_keys:
* ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/disable_cr_auth: true
* ssh/encrypted_host_key_but_no_keygen:
Reply to: