Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: X11 tuneling: a hard to fix problem

from [ilaiy] Network Security [Permanent Link]
Subject: Re: X11 tuneling: a hard to fix problem
Date: Wed, 19 Apr 2006 10:18:15 -0500 
Use xhost +;ssh -l <uid> <ip>

once you are done use xhost -;

./thanks
ilaiy

On 4/18/06, Nader Amadeu <nader@chemie.fu-berlin.de> wrote:

Hi all, I've googled for more than a week trying to
fix this SSH X11 tuneling problem.
I appreciate some help and thank you in advance.

I have a remote Solaris 9 with the following options in /etc/ssh/sshd_config:
X11Forwarding yes
X11DisplayOffset 10
ForwardX11Trusted yes

Then I ssh it from my local desktop: (only most important lines here)

[localdesktop]% ssh -vvv -XY user@remoteserver
OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to remoteserver [ip.address.here] port 22.
debug1: Connection established.
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
debug2: fd 3 setting O_NONBLOCK
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: x11_get_proto: /usr/X11R6/bin/xauth  list :0.0 . 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 0
debug2: channel 0: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072

Now in the remoteserver:

user@remoteserver % echo $DISPLAY
        DISPLAY: Undefined variable
user@remoteserver % netstat -a
        remoteserver.ssh        localdesktop.51899 66608     47 66608      0 
ESTABLISHED

Even if i setenv DISPLAY to localhost:10, 11, 12 ... it does not work.
And from this netstat output I cannot find the X11 tuneling channel.
In another attempt below I have the following different debug messages:


[localdesktop]% ssh -vvv -o "ForwardX11Trusted no" user@remoteserver
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-9xszkw26hB/xauthfile 
generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-9xszkw26hB/xauthfile 
list :0.0 . 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0


and again DISPLAY is an undefined variable.
Could anyone help me to get this X11 tunelling work?
Thanks all very much,
nader
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Permission denied, please try again, Christ, Bryan
Next by Date:  Re: Permission denied, please try again, Christ, Bryan
Previous by Thread:  Re: X11 tuneling: a hard to fix problem, Shawn Badger
Next by Thread:  Re: X11 tuneling: a hard to fix problem, Francois . Bolduc
Indexes:  [Date] [Thread] [Top] [All Lists]