DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:reply-to:mime-version:to
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=uL4eLH1D8xLKgnuE
	QfDGfZ4OV4Ta5k8mpfSjpHBJkKr37DZCZdaVvJDXvep9vsmBv3cqxhdlrw9JExxV
	I1FTcIw/SHc+Ks3euW3NszV7mfEwgoD5SQSiXHFrt2ks3Fik5ixuLkYWUliPqoU9
	HrV1NPfu+bMAsPab2frRXFNXh+U=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Message-ID: <55115B29.8000904@dronecode.org.uk>
Date: Tue, 24 Mar 2015 12:40:09 +0000
From: Jon TURNEY <jon.turney@dronecode.org.uk>
Reply-To: cygwin@cygwin.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Andrew DeFaria <Andrew@DeFaria.com>, cygwin@cygwin.com
Subject: Re: X11Forward and xauth problems
References: <mepu7q$9dr$1@ger.gmane.org> <55108046.1070206@dronecode.org.uk> <meq0g3$hob$1@ger.gmane.org>
In-Reply-To: <meq0g3$hob$1@ger.gmane.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

On 23/03/2015 21:27, Andrew DeFaria wrote:
> On 3/23/2015 2:06 PM, Jon TURNEY wrote:
>> On 23/03/2015 20:48, Andrew DeFaria wrote:
>>> Normally I just turn on -X (or put X11Forward yes in ~/.ssh/config) but
>>> that usually results in a noticeable delay in logging in and the
>>> following error:
>>>
>>> Warning: untrusted X11 forwarding setup failed: xauth key data not
>>> generated
>>> Warning: No xauth data; using fake authentication data for X11
>>> forwarding.
>>
>> Firstly, if you don't want these warnings, use ssh -Y.
>>
>> (By using ssh -X, you are asking for something which the X server can't
>> give you, hence the warnings.  See
>> http://x.cygwin.com/docs/faq/cygwin-x-faq.html#q-trusted-untrusted-x11-forwarding
>>
>> for more details)
>
> Yeah but -Y gives me the same thing:

This is similar, but it is not the same.

> Adefaria-lt:ssh -Y cm-app-ldev01
> Warning: No xauth data; using fake authentication data for X11 forwarding.
> /usr/bin/xauth:  unable to link authority file
> /home/adefaria/.Xauthority, use /home/adefaria/.Xauthority-n
> Cm-app-ldev01:

I think this last message here is unusual, and is coming from xauth 
running on the remote server.  Can you you give a few more details on 
what OS that is running?

If you connect using ssh -vv -Y, you should be able to see the xauth 
commands that sshd is running, and if those, or some other step in the 
connection, is the cause of the delay.

You might also try running those xauth commands in the terminal to 
investigate further.

>>> Adefaria-lt:xhost +
>>> access control disabled, clients can connect from any host
>>> Adefaria-lt:ssh cm-app-ldev01
>>> Cm-app-ldev01:export DISPLAY=adefaria-lt:0
>>> Cm-app-ldev01:xclock
>>> Error: Can't open display: adefaria-lt:0
>>> Cm-app-ldev01:
>>
>> If you want this to work, you will now (since X server 1.17) need to
>> start the server with the option '-listen tcp'.
>
> Restarted Xwin with -multimonitor and -listen tcp. Now I get:

Sorry for any ambiguity, but you have misunderstood what I wrote.

If you want explicitly setting DISPLAY and allowing access using xhost 
to work, you must start the server with the option '-listen tcp'.

-- 
Jon TURNEY
Volunteer Cygwin/X X Server maintainer

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple