Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Some servers do not forward X11, but I do not know why.

from [Mark Senior] Network Security [Permanent Link]
Subject: RE: Some servers do not forward X11, but I do not know why.
Date: Fri, 9 Dec 2005 10:14:45 -0700 
Interesting...

Do you have lsof available on the hosts where you can't get X
forwarding?  lsof -i should tell you all the processes with ports open,
you can verify if there is some process hogging all 999 ports...

If not, some versions of netstat can also show you the PID of the
process that has the socket open.

Regards
Mark

-----Original Message-----
From: Christopher L. Barnard [mailto:cbar44@tsg.cbot.com] 
Sent: December 8, 2005 13:23
To: secureshell@securityfocus.com
Cc: Christopher L. Barnard
Subject: Re: Some servers do not forward X11, but I do not know why.


On 12/6/05, Christopher L. Barnard <cbar44@tsg.cbot.com> wrote:


I have two identical Sun Solaris 9 servers.  Both are running OpenSsh 
version 4.2p1.  Both have identical ssh_config and sshd_config files.



One allows me to run X programs and they are displayed back on my

desktop.

The other one reports

Error: Can't open display:

What am I missing to force this server to set the DISPLAY variable so 
that
X11 will be forwarded?  As I say the ssh_config and sshd_config files 
are identical with a server that works, and in particular ssh_config:

ForwardX11 yes

and sshd_config:

X11Forwarding yes
X11UseLocalhost no



To add some information:
not only is xhost not used, the binary is deleted if it exists every
night on all servers by cron.  Xhost is Evil (tm).

Xauth is not the issue.  It is in the same place on all servers.

I have figured out what the problem is, but not how to solve it.
Running the daemon in 3-layer-deep debug mode (-ddd) I discovered that
the reason the server is responding "Error: Can't open display:" is

debug2: bind port 6260: Address already in use

repeated 999 times, for the 999 ports from port 6000 to port 6999.  Then
the two messages Failed to allocate internet-domain X11 display socket.
debug1: x11_create_display_inet failed.

I am ssh-ed in, but I do not have X.

The server is busy, with about 200 ssh connections to it, but nowhere
near the 999 maximum X tunnelling number...

+-----------------------------------------------------------------------
+
| Christopher L. Barnard         O     When I was a boy I was told that
|
| cbarnard@tsg.cbot.com         / \    anybody could become president.
|
| (312) 347-4901               O---O   Now I'm beginning to believe it.
|
| http://www.cs.uchicago.edu/~cbarnard                --Clarence Darrow
|
+----------PGP public key available via finger or PGP 
+keyserver---------+

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. If 
you have received this email in error please notify the system manager. This 
message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Some servers do not forward X11, but I do not know why., Leif Nixon
Next by Date:  Re: SFTP only, Marco . Correnti
Previous by Thread:  RE: Some servers do not forward X11, but I do not know why., Young, Randy
Next by Thread:  X11 forwarding problem, Jay D. McHugh
Indexes:  [Date] [Thread] [Top] [All Lists]