View previous topic :: View next topic |
Author |
Message |
Moriah Advocate
Joined: 27 Mar 2004 Posts: 2376 Location: Kentucky
|
Posted: Tue Oct 08, 2024 9:34 pm Post subject: ssh -Y stopped working after reboot |
|
|
I have a dual NIC machine I use as an internal firewall. It doesn't get rebooted often, but the other day a power failure alerted me to the fact that the last time I worked on its hardware, I plugged it into a non-battery backed up outlet (my dumb mistake), so the power failure rebooted it. After that, I can no longer forward DISPLAY with ssh -Y root@machine when I log into that machine from another machine. It worked up till the reboot.
I assume that somewhere between that reboot and the previous one (months ago) a routine update clobbered something and caused this annoyance. I checked the /etc/ssh/ files to make sure X11 forwarding was enabled. Since I do log in as root (there are no other usernames on that machine), I suspect something changed to make logging in as root an issue.
Any ideas on what it might be and how to fix this? _________________ The MyWord KJV Bible tool is at http://www.elilabs.com/~myword
Foghorn Leghorn is a Warner Bros. cartoon character. |
|
Back to top |
|
|
dmpogo Advocate
Joined: 02 Sep 2004 Posts: 3400 Location: Canada
|
Posted: Wed Oct 09, 2024 10:56 pm Post subject: Re: ssh -Y stopped working after reboot |
|
|
Moriah wrote: | I have a dual NIC machine I use as an internal firewall. It doesn't get rebooted often, but the other day a power failure alerted me to the fact that the last time I worked on its hardware, I plugged it into a non-battery backed up outlet (my dumb mistake), so the power failure rebooted it. After that, I can no longer forward DISPLAY with ssh -Y root@machine when I log into that machine from another machine. It worked up till the reboot.
I assume that somewhere between that reboot and the previous one (months ago) a routine update clobbered something and caused this annoyance. I checked the /etc/ssh/ files to make sure X11 forwarding was enabled. Since I do log in as root (there are no other usernames on that machine), I suspect something changed to make logging in as root an issue.
Any ideas on what it might be and how to fix this? |
You did not reboot into wayland by chance ? |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20444
|
Posted: Wed Oct 09, 2024 11:22 pm Post subject: |
|
|
What about when you use -v, does it produce anything notable? You can try an additional 2 v's (-vv and -vvv), but the output can sometimes be excessive if fewer v's work. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
Moriah Advocate
Joined: 27 Mar 2004 Posts: 2376 Location: Kentucky
|
Posted: Wed Oct 09, 2024 11:31 pm Post subject: |
|
|
Thanks for the -v to get a debug trace. For some weird reason, xauth was missing on the machine I was loggfing into. I emerged x11-apps/xauth and now it works! _________________ The MyWord KJV Bible tool is at http://www.elilabs.com/~myword
Foghorn Leghorn is a Warner Bros. cartoon character. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22487
|
Posted: Thu Oct 10, 2024 5:17 pm Post subject: |
|
|
Perhaps xauth had been present as a dependency, some other update removed that requirement, and a later emerge --depclean removed xauth. Portage would have told you that xauth was on the list to remove, but you could have missed it.
You could check /var/log/emerge.log to see when xauth was removed. |
|
Back to top |
|
|
Moriah Advocate
Joined: 27 Mar 2004 Posts: 2376 Location: Kentucky
|
Posted: Thu Oct 10, 2024 5:33 pm Post subject: |
|
|
Yes, that's probably what happened. So why isn't xauth on the dependency list for ssh/sshd ? _________________ The MyWord KJV Bible tool is at http://www.elilabs.com/~myword
Foghorn Leghorn is a Warner Bros. cartoon character. |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20444
|
Posted: Thu Oct 10, 2024 8:47 pm Post subject: |
|
|
That is an interesting question. My first guess would be that it isn't an upstream dependency, so it hasn't been made one for Gentoo.
From openssh build output: Code: | LOG: postinst
Install additional packages for optional runtime features:
x11-apps/xauth for x11 forwarding |
_________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22487
|
Posted: Thu Oct 10, 2024 9:17 pm Post subject: |
|
|
ssh and sshd both work fine without xauth installed, for users who choose not to use X11 forwarding. For me, I do not use X11 forwarding over a WAN link, because most X11 programs are too slow to use well in that mode. (Using them over a LAN is fine.) Therefore, I need not install xauth on systems that I will only ever access over a WAN. In my opinion, it is correct that users are not forced to install xauth, and are instead given a pointed hint that it needs to be manually installed. |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3803
|
Posted: Thu Oct 10, 2024 10:08 pm Post subject: |
|
|
You have X11 installed?
You have x11-apps/xauth installed! (if system is up to date).
Here's Code: | equery d x11-apps/xauth
app-emacs/xelb-0.20-r1 (x11-apps/xauth)
x11-apps/xinit-1.4.2 (x11-apps/xauth)
(x11-apps/xauth)
x11-base/xorg-server-21.1.13-r1 (>=x11-apps/xauth-1.0.3)
(>=x11-apps/xauth-1.0.3) | unconditionally, unless system is tweaked, perhaps with /etc/portage/profile/package.provided(untested)ormay help for uninstall history when installed.
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
|