after update to 2020.80 X11-forwarding stops working (occurs on 5 different gentoo boxes) ssh to a host shows: X11 forwarding request failed on channel 1 also ssh -v shows (nothing special - except that X11 forwarding fails) ... debug1: Authentication succeeded (publickey). Authenticated to 10.222.225.1 ([10.222.225.1]:22222). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: pledge: exec debug1: Requesting X11 forwarding with authentication spoofing. debug1: Sending environment. debug1: Sending env COLORTERM = truecolor debug1: Sending env LANGUAGE = debug1: Sending env LC_ADDRESS = de_DE.UTF-8 debug1: Sending env LC_NAME = de_DE.UTF-8 debug1: Sending env LC_MONETARY = de_DE.UTF-8 debug1: Sending env LANG = en_US.UTF-8 debug1: Sending env LC_PAPER = de_DE.UTF-8 debug1: Sending env LC_IDENTIFICATION = en_US.UTF-8 debug1: Sending env LC_TELEPHONE = de_DE.UTF-8 debug1: Sending env LC_MESSAGES = en_US.UTF-8 debug1: Sending env LC_MEASUREMENT = de_DE.UTF-8 debug1: Sending env LC_CTYPE = en_US.UTF-8 debug1: Sending env LC_TIME = C debug1: Sending env LC_ALL = debug1: Sending env LC_COLLATE = C debug1: Sending env LC_NUMERIC = de_DE.UTF-8 X11 forwarding request failed on channel 0 emerging stable dropbear-2019.78 version and restarting it fixes the problem.
Could you try with net-misc/dropbear-2020.80-r1 (unlikely to fix, but possible), but failing that, report it upstream?
- r1 is also not working.
(In reply to Jochen Schlick from comment #2) > - r1 is also not working. Reported upstream?
bug fixing time due COVID-lockdown + Xmas holidays :-) It's not working because X11 forwarding is disabled by default since June 2020 from CHANGES: ... 2020.79 - 15 June 2020 ... - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by default. They can be set in localoptions.h if required. Blowfish has been removed. ... #################### the localoptions.h contains (after src_prepare() step): ... /* Enable X11 Forwarding - server only */ #define DROPBEAR_X11FWD 0 .... ##################### add the following line to the ebuild src_prepare() section -e '/DROPBEAR_X11FWD /s:0:1:' \ fixes this issue. Am I the only one in gentoo using dropbear as full blown ssh server?
(In reply to Jochen Schlick from comment #4) > bug fixing time due COVID-lockdown + Xmas holidays :-) > > It's not working because X11 forwarding is disabled by default since June > 2020 > > from CHANGES: > ... > 2020.79 - 15 June 2020 > ... > - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by > default. > They can be set in localoptions.h if required. > Blowfish has been removed. > ... > Good catch. Maybe it would be better for you to use savedconfig instead? > > Am I the only one in gentoo using dropbear as full blown ssh server? I use dropbear as an emergency client/server. I'm bumping/helping with dropbear just so somebody is.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca104be35e918af32f622d4f2e0850085e36da63 commit ca104be35e918af32f622d4f2e0850085e36da63 Author: Viorel Munteanu <ceamac@gentoo.org> AuthorDate: 2024-04-06 05:52:39 +0000 Commit: Viorel Munteanu <ceamac@gentoo.org> CommitDate: 2024-04-06 05:54:50 +0000 net-misc/dropbear: add 2024.84 Make the tests non-interactive just in case. Disable the tests that fail. Closes: https://bugs.gentoo.org/732294 Bug: https://bugs.gentoo.org/920293 Signed-off-by: Viorel Munteanu <ceamac@gentoo.org> net-misc/dropbear/Manifest | 2 + net-misc/dropbear/dropbear-2024.84.ebuild | 184 +++++++++++++++++++++ .../dropbear/files/dropbear-2024.84-dbscp.patch | 20 +++ .../dropbear-2024.84-non-interactive-tests.patch | 13 ++ 4 files changed, 219 insertions(+)