After setting up a new gentoo system, everything than x11 forwarding workes fine. Other reported bugs or googeling didn't help ;-( Reproducible: Always Steps to Reproduce: 1. emerge openssh 2. ssh remote host 3. start x application (xterm, gvim, ...) Actual Results: error message cannot open display Expected Results: open a display System is a new gentoo system with latest portage tree. Tried with openssh-3.7.1_p2-r1 and openssh-3.9_p1-r1 Bug #49161 din't help ForwardX11 is set. if a do a ssh TO this machine, X11 forwarding works. Shh FROM this machine to others gives that error for X11 forwading. ssh -v -X -Y -4 192.168.1.30: OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to 192.168.1.30 [192.168.1.30] port 22. debug1: Connection established. debug1: identity file /home/axel/.ssh/identity type -1 debug1: identity file /home/axel/.ssh/id_rsa type 1 debug1: identity file /home/axel/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1 debug1: match: OpenSSH_3.9p1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.1.30' is known and matches the RSA host key. debug1: Found key in /home/axel/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/axel/.ssh/identity debug1: Offering public key: /home/axel/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: /home/axel/.ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 434 debug1: read PEM private key done: type DSA debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Requesting X11 forwarding with authentication spoofing. emerge info: Portage 2.0.51-r15 (default-linux/x86/2004.3, gcc-3.3.5, glibc-2.3.4.20040808-r1, 2.4.28-gentoo-r5 i686) ================================================================= System uname: 2.4.28-gentoo-r5 i686 Pentium III (Coppermine) Gentoo Base System version 1.4.16 Python: dev-lang/python-2.3.4 [2.3.4 (#1, Jan 31 2005, 12:35:54)] dev-lang/python: 2.3.4 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.5, 1.8.5-r3, 1.6.3, 1.7.9-r1, 1.4_p6, 1.9.4 sys-devel/binutils: 2.15.92.0.2-r1 sys-devel/libtool: 1.5.10-r4 virtual/os-headers: 2.4.21-r1 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms" GENTOO_MIRRORS="http://gd.tuwien.ac.at/opsys/linux/gentoo" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 X and apache2 apm arts avi bash-completion berkdb bitmap-fonts cdr crypt cups encode esd f77 fam font-server foomaticdb fortran gdbm gif gnome gpm gstreamer gtk gtk2 imagemagick imlib java jpeg junit kde libg++ libwww mad matrox mikmod motif mozilla mpeg mysql ncurses nls oggvorbis opengl openssh oss pam pdflib perl png postgres ppds python qt quicktime readline samba sdl spell ssl svga tcpd tiff truetype truetype-fonts type1-fonts usb xml xml2 xmms xv zlib" Unset: ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, PORTDIR_OVERLAY
> Shh FROM this machine to others gives that error for X11 forwading. the sshd on the machine you are connecting to needs to have X11Forwarding enabled in sshd_config.
root@pizza axel # grep -i x11 /etc/ssh/*config /etc/ssh/ssh_config: ForwardX11 yes /etc/ssh/sshd_config:X11Forwarding yes Also, I did xhost + Any idea where to start debug or where I can get errormessages? Xorg.0.log sayes nothing When I login from pizza to sine, sine's /var/log/messages says: Feb 3 17:32:53 sine sshd[16341]: Accepted publickey for axel from 192.168.1.10 port 34138 ssh2 Feb 3 17:32:53 sine sshd(pam_unix)[16346]: session opened for user axel by (uid=0) Feb 3 17:32:53 sine PAM-env[16346]: Unknown PAM_ITEM: <XAUTHORITY> Feb 3 17:32:53 sine sshd[16346]: PAM pam_putenv: delete non-existent entry; XAUTHORITY Sine and pizza are both gentoo, same versions. Till one weel ago, pizza was a redhat machine where the x11 stuff with sine worked.
Found A fix: In /etc/security/pam_env.conf, im commenting the line with DISPLAY ###DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} Now it workes, no Idea If that is good or bad ;-)
