Ubuntu
openssh package

debug1: Remote: No xauth program; cannot forward with spoofing.

Bug #582251 reported by arturj
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released
Undecided
Unassigned
Lucid
Fix Released
High
Unassigned

Bug Description

STABLE RELEASE UPDATE:

Impact: X forwarding is not usable after a fresh install of openssh-server, unless x11-common is also installed.

Development branch: Bug has been addressed by using /usr/bin/xauth rather than /usr/bin/X11/xauth. We used the /usr/bin/X11 symlink to smooth X's move to /usr/bin, but at some point xauth stopped depending on x11-common so this no longer automatically works, and X's move is a long time in the past now so we might as well just use the new path.

Patch: http://bazaar.launchpad.net/~cjwatson/ubuntu/lucid/openssh/lucid-proposed/revision/3201

TEST CASE: Install openssh-server on a fresh server install. From another machine running an X session, connect to it using 'ssh -X'. If and only if this bug is fixed, the DISPLAY environment variable should be set.

Regression potential: We should check that X forwarding still works, and that OpenSSH in general still seems to function normally.

Original bug report:

Fresh installation of a LUCID server (AMD64) has following major issue:

X11Forwarding does not work anymore. Running the ssh-client (again from Lucid Desktop) like this "ssh -v servername" throws:

...
debug1: Remote: No xauth program; cannot forward with spoofing.
...

Running "strings /usr/sbin/sshd |grep xauth" on the remote server shows that sshd is looking for xauth in this path:
/usr/bin/X11/xauth

But this does NOT exist until the package "x11-common" is installed.

Hint: Package "xauth" which is automatically installed by openssh-server has its binary in "/usr/bin".

Suggestion: SSHD should be fixed to look for xauth in the right directory or openss-server package should be fixed to depend on x11-common package instead xauth

There are many other X11-Forwarding bug reports - maybe related to this issue.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: openssh-server 1:5.3p1-3ubuntu3
ProcVersionSignature: Ubuntu 2.6.32-22.33-generic 2.6.32.11+drm33.2
Uname: Linux 2.6.32-22-generic x86_64
Architecture: amd64
Date: Tue May 18 15:28:14 2010
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
ProcEnviron:
 PATH=(custom, user)
 LANG=de_DE.utf8
 SHELL=/bin/bash
SourcePackage: openssh

See original description
Revision history for this message
arturj (arturj-freenet) wrote :
Revision history for this message
arturj (arturj-freenet) wrote :

In KARMIC xauth depends on x11-common, another solution to this.

Revision history for this message
Colin Watson (cjwatson) wrote :

The problem is that some people seem not to have a /usr/bin/X11 -> . symlink, though it's present on my Lucid installation so I'm not quite clear on what's going on. In any case, Maverick's OpenSSH packaging now uses /usr/bin/xauth instead (see bug 8440). There's a backport in https://launchpad.net/~cjwatson/+archive/openssh if you want.

Revision history for this message
Colin Watson (cjwatson) wrote :

Ah, yes, you're right that that symlink is shipped by x11-common. But in any case it's moot for Maverick, although it might be worth fixing that way for Lucid. I'll open a bug task for that.

Changed in openssh (Ubuntu):
status: New → Fix Released
Colin Watson (cjwatson)
description: updated
Changed in openssh (Ubuntu Lucid):
status: New → Triaged
importance: Undecided → High
Revision history for this message
Steve Langasek (vorlon) wrote : Please test proposed package

Accepted into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in openssh (Ubuntu Lucid):
status: Triaged → Fix Committed
tags: added: verification-needed
Revision history for this message
Andreas Wenning (andreas-wenning) wrote :

Tested in fresh ubuntu-server install (with the openssh-server task). After installing the version from lucid-proposed an .Xauthority file is now created and the DISPLAY variable is now set.

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:5.3p1-3ubuntu4

---------------
openssh (1:5.3p1-3ubuntu4) lucid-proposed; urgency=low

  * Backport from trunk:
    - Hardcode the location of xauth to /usr/bin/xauth rather than
      /usr/bin/X11/xauth (thanks, Aron Griffis; LP: #582251). xauth no
      longer depends on x11-common, so we're no longer guaranteed to have
      the /usr/bin/X11 symlink available.
 -- Colin Watson <email address hidden> Tue, 18 May 2010 18:10:23 +0100

Changed in openssh (Ubuntu Lucid):
status: Fix Committed → Fix Released
Ubuntu Foundations Team Bug Bot (crichton)
tags: added: testcase
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.