Bug#691844: xauth: Failed X11 forwarding when using GDM via XDMCP
Le dimanche 04 novembre 2012 à 01:01 +0100, Julien Cristau a écrit :
> > When using GDM via XDMCP, for examle when accessing GDM via
> > vncserver->XDMCP->localhost, ssh is no longer able to forward X11.
> >
> > Invalid MIT-MAGIC-COOKIE-1 keyxterm Xt error: Can't open display:
> > localhost:10.0
> >
> > The problem is, that xauth is unable to deal with the Family "FamilyWild" which
> > is used by GDM in XDMCP to store the MIT-MAGIC-COOKIE-1 for the user.
> >
> > Attached are two patches, one for 1.0.4-1 and one for 1.0.7-1. The original
> > Patch is by Dr. Tilmann Bubeck.
> >
> > Upstream Bug is at
> >
> > https://bugs.freedesktop.org/show_bug.cgi?id=43425
> >
> > FWIW, Redhat also has a bug for this:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=505545
> >
> Why does gdm do that? How is that not a gdm bug?
This is not a bug in GDM to use FamilyWild which is a valid scheme.
However, as Ray Strode pointed out, it makes sense to patch GDM to use
FamilyInternet instead, so that it works with any xauth binary on the
other end of SSH connections.
It would be just for convenience anyway: nobody in their right mind
should use XDMCP except on completely controlled networks. Encrypting
your X application while on the other end the stream will go from the
server to the thin client unencrypted sounds like putting a lock on a
paper door.
--
.''`. Josselin Mouette
: :' :
`. `'
`-
Reply to: