Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Openssh 3.9p1: ControlPath children can't run X windows applications (or

from [William Stearns] Network Security [Permanent Link]
Subject: Openssh 3.9p1: ControlPath children can't run X windows applications (or change user)
Date: Tue, 11 Jan 2005 01:52:43 -0500 (EST)
Good evening, all,
I'm running OpenSSH 3.9p1-7 from Fedora core 3. I just started using ControlPath - very nice!
While I can successfully run X windows applications in the ControlMaster window, I can't run those same applications in the any of the ssh sessions that run inside the Master. For this experiment, I have
"ForwardX11Trusted yes" in the "Host *" section of ~/.ssh/config :


ssh root-zaphod -M -v
[snip]
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Requesting authentication agent forwarding.
Last login: Tue Jan 11 01:27:18 2005 from 68-169-201-54.sbtnvt.adelphia.net
[root@zaphod root]# xeyes &
[1] 5640
[root@zaphod root]# debug1: client_input_channel_open: ctype x11 rchan 4 win 65536 max 16384
debug1: client_request_x11: request from 127.0.0.1 52209
debug1: channel 1: new [x11]
debug1: confirm x11
debug1: channel 2: new [client-session]

and xeyes starts up just fine on my local machine. Now if I start a second shell:

[wstearns@sparrow tmp]$ ssh -v root-zaphod
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /home/wstearns/.ssh/config
debug1: Applying options for root-zaphod
debug1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: /etc/ssh/ssh_config line 45: Deprecated option "FallBackToRsh"
debug1: /etc/ssh/ssh_config line 46: Deprecated option "UseRsh"
Last login: Tue Jan 11 01:28:50 2005 from 68-169-201-54.sbtnvt.adelphia.net
[root@zaphod root]# echo $DISPLAY

[root@zaphod root]#

        And since there's no DISPLAY set:

[root@zaphod root]# xclock &
[1] 6055
[root@zaphod root]# Error: Can't open display:

[1]+  Exit 1                  xclock
[root@zaphod root]#


I honestly don't know if this is an issue with ControlPath, an issue with Portable OpenSSH, or an issue with Redhat/Fedora's package. If you're using OpenSSH 3.9, would you be willing to try running an X application in both the Master and Slave windows?
If you haven't used ControlMaster before, you only need to make two changes. Add this line to the appropriate stanza of ~/.ssh/config :

    ControlPath    /home/wstearns/.ssh/sockets/root-zaphod

and add the "-M" to the command line of the Master, leaving it off for the slave.


As a side note, ControlPath also appears to be incompatible with "-l username" and "username@" command line options, but I strongly suspect this is intentional.
Cheers,
- Bill

---------------------------------------------------------------------------
ACHTUNG!
Das machine is nicht fur gefingerpoken und mittengrabben. Ist
easyschnappen der springenwerk, blowenfusen und corkenpoppen
mitspitzensparken. Ist nicht fur gewerken by das dummkopfen. Dasrubbernecken sightseeren keepen hands in das pockets. Relaxen undvatch das blinkenlights!!!
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: problems connecting from Windows, James Wilson
Next by Date:  Re: problems connecting from Windows, Darren Tucker
Previous by Thread:  problems connecting from Windows, James Wilson
Next by Thread:  Re: Openssh 3.9p1: ControlPath children can't run X windows applications (or change user), William Stearns
Indexes:  [Date] [Thread] [Top] [All Lists]