| View previous topic :: View next topic |
| Author |
Message |
Guybrush
Tux's lil' helper
Joined: 06 Feb 2003
Posts: 99
Location: 48°27'N, 11°8'O
|
 Posted: Mon Feb 07, 2005 7:29 pm Post subject: |
 |
|
Hi wrs4,
the "su"-problem is discussed in the gentoo FAQs.
You can find it under http://www.gentoo.org/doc/en/faq.xml#su.
Regarding your ssh problem, is it working on either machine when you ssh to localhost? This is just to figure out whether it is really a problem with your gentoo box. |
|
| Back to top |
|
 |
WolfmanJack1973
n00b
Joined: 12 Apr 2005
Posts: 1
Location: Liège, Belgium
|
| Posted: Tue Apr 12, 2005 2:37 pm Post subject: ssh -X -Y remotehost |
|
|
Hi all,
Adding -Y to ssh -X fixes the problem for me. It may also work for you.
Hope this helps,
Christophe |
|
| Back to top |
|
|
jarav
n00b
Joined: 13 Dec 2004
Posts: 2
|
| Posted: Tue May 03, 2005 10:48 pm Post subject: |
|
|
| Guybrush wrote: | Alternatively to commenting out lines in /etc/security/pam_env.conf I found
two alternative solutions (which at least work for me until now):
1.Disable the use of PAM for your ssh-server in /etc/ssh/sshd_config: UsePAM no (or commenting UsePAM yes out)
2. Change file /etc/pam.d/sshd
| Code: | ...
password required pam_stack.so service=system-auth
session optional pam_xauth.so
session required pam_stack.so service=system-auth
|
Now I'm using the 2nd variant with simply adding "session optional pam_xauth.so" in the pam configuration file for sshd. |
I found that to resolve the problem I didn't have to disable PAM or comment out the two lines in pam_en.conf. All i had to do was remove the DEFAULT entry in the DISPLAY line in pam_env.conf:
DISPLAY DEFAULT= OVERRIDE=${DISPLAY}
Also i had to set
X11Forwarding yes
in /etc/ssh/sshd_config. That was all.
jarav |
|
| Back to top |
|
|
Alighieri
Tux's lil' helper
Joined: 27 Jan 2005
Posts: 88
|
| Posted: Tue May 10, 2005 10:46 pm Post subject: |
|
|
No, this is all really f**king broken. The only way that X11 forwarding works is to comment out all the crap in pam_env.conf. Looking at the source, it appears to be someone's "wouldn't it be cool if..." project.
| Quote: |
# $Date: 2005/02/25 20:31:28 $
# $Author: azarah $
# $Id: pam_env.conf,v 1.3 2005/02/25 20:31:28 azarah Exp $
#
# This is the configuration file for pam_env, a PAM module to load in
# a configurable list of environment variables for a
#
# The original idea for this came from Andrew G. Morgan ...
#<quote>
# Mmm. Perhaps you might like to write a pam_env module that reads a
# default environment from a file? I can see that as REALLY
# useful... Note it would be an "auth" module that returns PAM_IGNORE
# for the auth part and sets the environment returning PAM_SUCCESS in
# the setcred function...
#</quote>
#
# What I wanted was the REMOTEHOST variable set, purely for selfish
# reasons, and AGM didn't want it added to the SimpleApps login
# program (which is where I added the patch). So, my first concern is
# that variable, from there there are numerous others that might/would
# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER .....
|
It would be nice if devs would refrain from adding uneeded complexity in the form of their pet projects. If you leave the "DISPLAY" lines uncommented in pam_env.conf and type "ssh -X <host>" and then "echo $DISPLAY" notice that the display is NOT passed back through the encrypted tunnel which defeats the intent of the -X command switch. If I comment everything out in pam_env.conf, then I can get the correct behavior from "ssh -X", namely the display variable is set to the encrypted tunnel.
The odd part is that putting "ForwardX11 yes" in ssh_config has no effect. I believe this is an entirely unrelated bug. |
|
| Back to top |
|
|
voytas
Apprentice
Joined: 31 Mar 2004
Posts: 203
Location: Poland, Lodz
|
| Posted: Thu May 19, 2005 9:33 am Post subject: |
|
|
do uoy have USE_LOGIN set?
it seems that it prevented me from X forwarding...
is it better to have UsePAM set or not ? (for the security)
_________________
LAPTOP: ThinkPad T530 |
|
| Back to top |
|
|
krishna
n00b
Joined: 25 Jun 2005
Posts: 2
|
| Posted: Sat Jun 25, 2005 6:21 pm Post subject: Thanks |
|
|
| thanks a ton! It worked |
|
| Back to top |
|
|
krishna
n00b
Joined: 25 Jun 2005
Posts: 2
|
| Posted: Sat Jun 25, 2005 6:22 pm Post subject: Re: X Forwarding no longer working |
|
|
| Quote: | **EDIT**
I fixed my problem. I reverted 2 of the changes in /etc/security/pam_env.conf. Specifically, I commented out
| Code: | REMOTEHOST DEFAULT= OVERRIDE=@{PAM_RHOST}
DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} |
|
Thanks a lot it worked |
|
| Back to top |
|
|
swingkyd
Guru
Joined: 13 Jan 2005
Posts: 334
|
| Posted: Tue Dec 13, 2005 7:10 pm Post subject: |
|
|
This is what I used to get it working (thanks fzxdude). for me it was running any X program! I had to restart the X server for the changes to take effect.
Do you suppose the same problem will occur if I restart my computer? |
|
| Back to top |
|
|
colschmi
n00b
Joined: 09 Jun 2008
Posts: 8
Location: Chicago, IL
|
| Posted: Mon Jun 09, 2008 10:02 pm Post subject: |
|
|
| What designates a comment in the file type? everything has a '#' next to it already... is it a '!" ?? file I am referring to is Pam_env.conf |
|
| Back to top |
|
|
|
Desktop Environments
