Am Mon, 12. Nov 2001, 12:29:54 +0100 schrieb Tim Dijkstra: > On Sun, 11 Nov 2001, [iso-8859-1] Jö Fahlke wrote: > > > Try ssh -X. I believe, X forwarding is now disabled by default, due to > > security reasons. > I inserted my host I ssh from in sshconfig to allow X-forwarding. > host xxx.xxx.xxx.xxx > ForwardX11 yes > ForwardAgent yes > That should be enough...I think. I think that also. > > I'm not sure if this ist the problem though. If it still does't work, > > I might still be able to help you, if you anwer these questions: > > * Were you ssh'ing out of or into the upgraded mashine? > Into > > * Do you run a 2.4 kernel now? There is a pitfall when writing your > > own firewalling rules, which got me into exactly the same Problem > > once. > No it is Linux version 2.2.19pre17. But I'd like to hear about the pitfall > anyway. Well, when X forwarding wasn't working for me (someone ssh'ing into my maschine, but unable to start emacs) I checked what happend to the packages with ethereal. Apparently, they originated from (and were destinated to) my external IP, but went over the local loopback interface. This is just an optimisation, I guess, but I didn't investigate further. I had some very paranoid rules which disallowed packages coming in (or going out) over interfaces not corresponding to the IP adress in the packet, so my ssh-traffic was blocked. I don't remeber having this problem with a 2.2 kernel, but I believe I used the standard firewall rules included in the ipmasq package then. The thing that I don't understand is why is the sshd setting DISPLAY=<hostname>:11, and not just DISPLAY=:11. Jö. -- A mathematician is a device to turn coffee into theorems.
Attachment:
pgp3HmqWuaeVc.pgp
Description: PGP signature