X11Forward and xauth problems

Jon TURNEY jon.turney@dronecode.org.uk
Tue Mar 24 13:35:00 GMT 2015 

On 23/03/2015 21:27, Andrew DeFaria wrote:
> On 3/23/2015 2:06 PM, Jon TURNEY wrote:
>> On 23/03/2015 20:48, Andrew DeFaria wrote:
>>> Normally I just turn on -X (or put X11Forward yes in ~/.ssh/config) but
>>> that usually results in a noticeable delay in logging in and the
>>> following error:
>>>
>>> Warning: untrusted X11 forwarding setup failed: xauth key data not
>>> generated
>>> Warning: No xauth data; using fake authentication data for X11
>>> forwarding.
>>
>> Firstly, if you don't want these warnings, use ssh -Y.
>>
>> (By using ssh -X, you are asking for something which the X server can't
>> give you, hence the warnings.  See
>> http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-trusted-untrusted-x11-forwarding
>>
>> for more details)
>
> Yeah but -Y gives me the same thing:

This is similar, but it is not the same.

> Adefaria-lt:ssh -Y cm-app-ldev01
> Warning: No xauth data; using fake authentication data for X11 forwarding.
> /usr/bin/xauth:  unable to link authority file
> /home/adefaria/.Xauthority, use /home/adefaria/.Xauthority-n
> Cm-app-ldev01:

I think this last message here is unusual, and is coming from xauth 
running on the remote server.  Can you you give a few more details on 
what OS that is running?

If you connect using ssh -vv -Y, you should be able to see the xauth 
commands that sshd is running, and if those, or some other step in the 
connection, is the cause of the delay.

You might also try running those xauth commands in the terminal to 
investigate further.

>>> Adefaria-lt:xhost +
>>> access control disabled, clients can connect from any host
>>> Adefaria-lt:ssh cm-app-ldev01
>>> Cm-app-ldev01:export DISPLAY=adefaria-lt:0
>>> Cm-app-ldev01:xclock
>>> Error: Can't open display: adefaria-lt:0
>>> Cm-app-ldev01:
>>
>> If you want this to work, you will now (since X server 1.17) need to
>> start the server with the option '-listen tcp'.
>
> Restarted Xwin with -multimonitor and -listen tcp. Now I get:

Sorry for any ambiguity, but you have misunderstood what I wrote.

If you want explicitly setting DISPLAY and allowing access using xhost 
to work, you must start the server with the option '-listen tcp'.

-- 
Jon TURNEY
Volunteer Cygwin/X X Server maintainer

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list