Since upgrading to Fedora 17, I've been getting this message "X11 forwarding request failed on channel 0". I haven't done anything to fix it for a while, but today I got so annoyed with this message, that I decided to fix it.
First I google'd around a bit. What does this message mean? I read a lot of reactions that suggest to fix something on ssh_config on the client side or in sshd_config on the server side. These suggestions did not work for me.
So, how do we debug this?
On the server side, open the firewall on a non-standard port. I used port 222:
iptables -I INPUT -s [client-ip] -p tcp --dport 222 -j ACCEPT
Then I ran sshd in non-forking debug mode on this port:
/usr/sbin/sshd -d -p 222
Then we login from the client, using verbose mode:
ssh -vvv [server]
This generates a lot of logs on both sides. The log on the client side contains:
debug3: Ignored env GTK_IM_MODULE
debug3: Ignored env XAUTHORITY
debug3: Ignored env CCACHE_HASHDIR
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug1: Remote: No xauth program; cannot forward with spoofing.
debug2: channel_input_status_confirm: type 100 id 0
X11 forwarding request failed on channel 0
So, what's the problem? The server has no xauth program. The old versions of the ssh client silently failed when the server had no xauth, this new version is just a little more verbose.