X11 forwarding request failed on channel 0

Since upgrading to Fedora 17, I've been getting this message "X11 forwarding request failed on channel 0". I haven't done anything to fix it for a while, but today I got so annoyed with this message, that I decided to fix it.

First I google'd around a bit. What does this message mean? I read a lot of reactions that suggest to fix something on ssh_config on the client side or in sshd_config on the server side. These suggestions did not work for me.

So, how do we debug this?

On the server side, open the firewall on a non-standard port. I used port 222:
iptables -I INPUT -s [client-ip] -p tcp --dport 222 -j ACCEPT
Then I ran sshd in non-forking debug mode on this port:
/usr/sbin/sshd -d -p 222
Then we login from the client, using verbose mode:
ssh -vvv [server]

This generates a lot of logs on both sides. The log on the client side contains:
debug3: Ignored env GTK_IM_MODULE
debug3: Ignored env XAUTHORITY
debug3: Ignored env CCACHE_HASHDIR
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug1: Remote: No xauth program; cannot forward with spoofing.
debug2: channel_input_status_confirm: type 100 id 0
X11 forwarding request failed on channel 0

So, what's the problem? The server has no xauth program. The old versions of the ssh client silently failed when the server had no xauth, this new version is just a little more verbose.

Continue Reading…

© GeekLabInfo X11 forwarding request failed on channel 0 is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

How to generate SSH Fingerprint DNS records

ssh-keygen -f /etc/ssh/ssh_host_rsa_key.pub -r hostname
ssh-keygen -f /etc/ssh/ssh_host_dsa_key.pub -r hostname

You can put the output to your dns zone.

Continue Reading…

© GeekLabInfo How to generate SSH Fingerprint DNS records is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

X11 over SSH

CentOS 5's and Fedora 15's base installations are pretty good prepared to use X11 over SSH. You just need to install one more package on the server you're connecting to: xorg-x11-xauth. According to yum info, the purpose of this package is:
xauth is used to edit and display the authorization information used in connecting to an X server.
This editting probably means synchronising X11 authority cookies between SSH peers.

Installing is done using:
yum install xorg-x11-xauth

Then ssh into the box using:
ssh -X [servername]

© GeekLabInfo X11 over SSH is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...