Prev: SRS Proxy error
Next: unexpected allocated inode
From: Dragan Cvetkovic on 11 Feb 2005 09:19
Hi,

I have recently upgraded my home computer (x86 based one) from Solaris 9 to
Solaris 10 and since then I keep getting the message

Warning: No xauth data; using fake authentication data for X11 forwarding.

whenever I do ssh. I do have X11 forwarding enabled. The similarly
configured machine at work (running s10_74l2 and on Solaris Express program
for more than a year) doesn't have that problem.

Here is the output of ssh -v

dc933% ssh -v lokrum
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /home/dragan/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to lokrum [199.43.2.74] port 22.
debug1: Connection established.
debug1: identity file /home/dragan/.ssh/id_rsa type 1
debug1: identity file /home/dragan/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: en-US,en-CA,es,es-MX,fr,fr-CA,i-default
debug1: Peer sent proposed langtags, stoc: en-US,en-CA,es,es-MX,fr,fr-CA,i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1580/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'lokrum' is known and matches the RSA host key.
debug1: Found key in /home/dragan/.ssh/known_hosts:27
debug1: bits set: 1554/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Offering agent key: /home/dragan/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149 lastkey 80a8c08 hint -1
debug1: Authentication succeeded (publickey)
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: env
debug1: channel request 0: pty-req
Warning: No xauth data; using fake authentication data for X11 forwarding.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: channel request 0: x11-req
debug1: channel request 0: shell
debug1: fd 4 setting TCP_NODELAY
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: Remote: Channel 0 set: LANG=C
Last login: Fri Feb 11 09:09:31 2005 from dyn-70-151.tor.
Sun Microsystems Inc. SunOS 5.10 Generic January 2005


Any ideas what's wrong?

Dragan

--
Dragan Cvetkovic,

To be or not to be is true. G. Boole No it isn't. L. E. J. Brouwer

!!! Sender/From address is bogus. Use reply-to one !!!
From: Dan Stromberg on 24 Feb 2005 19:23
On Sun, 13 Feb 2005 21:57:06 -0500, Dragan Cvetkovic wrote:

I'm having the same problem:

When I ssh into a Solaris 10 machine, I don't get forwarded X11
credentials. Neither do I get a $DISPLAY preset.

If I truss the daemon, I can see it trying, over and over and over, to
successfully get an IPv6 binding, and then an IPv4 binding, but every
single time, the IPv4 binding fails with:

719: close(9) = 0
719: close(8) = 0
719: so_socket(PF_INET6, SOCK_STREAM, IPPROTO_IP, "", SOV_DEFAULT) = 8
719: setsockopt(8, ipv6, 39, 0xFFBFEB68, 4, SOV_DEFAULT) = 0
719: bind(8, 0x0007BE50, 32, SOV_SOCKBSD) = 0
719: so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", SOV_DEFAULT) = 9
719: bind(9, 0x0007D2C0, 16, SOV_SOCKBSD) Err#125 EADDRINUSE
719: close(9) = 0
719: close(8) = 0

On a Fedora Core 3 system, I was able to solve a problem that sounds
related, by convincing the ssh daemon to run with the -4 flag.

However, when this new svcs/svcadm interface, I'm not sure where to add
the flag - assuming Solaris 10's sshd understands that flag...

Any hints?

Thanks!

From: Darren Dunham on 25 Feb 2005 01:19
In comp.unix.solaris Dan Stromberg <strombrg(a)dcs.nac.uci.edu> wrote:
> On a Fedora Core 3 system, I was able to solve a problem that sounds
> related, by convincing the ssh daemon to run with the -4 flag.

> However, when this new svcs/svcadm interface, I'm not sure where to add
> the flag - assuming Solaris 10's sshd understands that flag...

Take a look at /lib/svc/method/sshd.

If you couldn't do that, it would be more annoying, but you could simply
supply a ipv4-only address or addresses to ListenAddress in sshd_config.
--
Darren Dunham ddunham(a)taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
 | 
Pages: 1
Prev: SRS Proxy error
Next: unexpected allocated inode