Re: no ssh after Catalina
Re: no ssh after Catalina
- Subject: Re: no ssh after Catalina
- From: Elwood Downey via X11-users <email@hidden>
- Date: Wed, 6 May 2020 14:09:28 -0700
That was it. There was no XAuthLocation at all in /etc/ssh/sshd_config.
After adding and restarting all is well. The date of this file was 4 years
old, so I have to wonder why now?
Anyway, many thanks.
Elwood
On Wed, May 6, 2020 at 12:55 PM Peter Collinson <email@hidden> wrote:
> I think you may find that xauth has moved - and you need to change the
> line in the ssh config files to wherever it is now. I moved to Macports X
> server with Catalina, it’s more recent - but I needed to tell ssh where it
> was.
>
> The relevant line in both ssh config files is:
>
> XAuthLocation /opt/local/bin/xauth
>
> which points to the Macports binary on my machine.
>
> I forget where the line previously pointed - so this may be fake news.
>
> Regards
> *--------------------------------------------------*
> Peter Collinson
>
> On 6 May 2020, at 20:08, Elwood Downey via X11-users <
> email@hidden wrote:
>
> Thanks for the reply.
>
> Yes, */etc/ssh/sshd_config *still contains *X11Forwarding yes*. File date
> is about 4 years ago.
>
> Also just tried reinstalling XQuartz on both sides, no help.
>
> On Tue, May 5, 2020 at 1:44 PM Merle Reinhart <email@hidden>
> wrote:
>
>> Did you verify that sshd_config on the remote side still allows X11
>> forwarding? Apple has a tendency to undo any changes made in those config
>> files when there are updates.
>>
>> Merle
>>
>>
>>
>> > On May 5, 2020, at 4:29 PM, Elwood Downey via X11-users <
>> email@hidden> wrote:
>> >
>> >
>> > Hello!
>> >
>> > ssh -X and ssh -Y both failing:
>> >
>> > from an Apple Air running High Sierra 10.13.6, host air2
>> >
>> > to iMac running Catalina 10.15.4, host ecd-imac27
>> >
>> > All worked fine until latest upgrade of Catalina. Both running XQuartz
>> 2.7.11. Now it fails as follows:
>> >
>> > air2: ssh -X ecd-imac27.local
>> > X11 forwarding request failed on channel 0
>> > Last login: Tue Apr 28 16:20:02 2020 from fe80::873:528c:d42b:c768%en1
>> > ecd-imac27:
>> >
>> > Note I can still create a tunnel connection manually on :1 just fine:
>> >
>> > air2: ssh -R 6001:127.0.0.1:6000 ecd-imac27.local
>> > Last login: Tue Apr 28 16:21:20 2020 from 192.168.7.112
>> > ecd-imac27: setenv DISPLAY :1
>> > ecd-imac27: xeyes displays correctly on air2
>> >
>> > Any idea what happened?
>> >
>> > I've pasted output from "ssh -v" below in case it helps.
>> >
>> > Many thanks,
>> >
>> > Elwood Downey, Tucson AZ
>> >
>> >
>> >
>> >
>> > air2: ssh -v -X ecd-imac27.local
>> > OpenSSH_7.8p1, LibreSSL 2.6.2
>> > debug1: Reading configuration data /etc/ssh/ssh_config
>> > debug1: /etc/ssh/ssh_config line 48: Applying options for *
>> > debug1: /etc/ssh/ssh_config line 52: Applying options for *
>> > debug1: Connecting to ecd-imac27.local port 22.
>> > debug1: Connection established.
>> > debug1: identity file /Users/ecdowney/.ssh/id_rsa type 0
>> > debug1: identity file /Users/ecdowney/.ssh/id_rsa-cert type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_dsa type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_dsa-cert type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_ecdsa type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_ecdsa-cert type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_ed25519 type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_ed25519-cert type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_xmss type -1
>> > debug1: identity file /Users/ecdowney/.ssh/id_xmss-cert type -1
>> > debug1: Local version string SSH-2.0-OpenSSH_7.8
>> > debug1: Remote protocol version 2.0, remote software version OpenSSH_8.1
>> > debug1: match: OpenSSH_8.1 pat OpenSSH* compat 0x04000000
>> > debug1: Authenticating to ecd-imac27.local:22 as 'ecdowney'
>> > debug1: SSH2_MSG_KEXINIT sent
>> > debug1: SSH2_MSG_KEXINIT received
>> > debug1: kex: algorithm: curve25519-sha256
>> > debug1: kex: host key algorithm: ecdsa-sha2-nistp256
>> > debug1: kex: server->client cipher: email@hidden MAC:
>> <implicit> compression: none
>> > debug1: kex: client->server cipher: email@hidden MAC:
>> <implicit> compression: none
>> > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>> > debug1: Server host key: ecdsa-sha2-nistp256
>> SHA256:mt3hyg1EnYyy2azoagAjIZNXeuC+PVYjNXTG1I+nCOc
>> > debug1: Host 'ecd-imac27.local' is known and matches the ECDSA host key.
>> > debug1: Found key in /Users/ecdowney/.ssh/known_hosts:49
>> > debug1: rekey after 134217728 blocks
>> > debug1: SSH2_MSG_NEWKEYS sent
>> > debug1: expecting SSH2_MSG_NEWKEYS
>> > debug1: SSH2_MSG_NEWKEYS received
>> > debug1: rekey after 134217728 blocks
>> > debug1: SSH2_MSG_EXT_INFO received
>> > debug1: kex_input_ext_info:
>> server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
>> > debug1: SSH2_MSG_SERVICE_ACCEPT received
>> > debug1: Authentications that can continue:
>> publickey,password,keyboard-interactive
>> > debug1: Next authentication method: publickey
>> > debug1: Offering public key: RSA
>> SHA256:uP9zayX/QNMPYWtD/d/35DdKuF7qBUDX9CyqQnCmiTQ
>> /Users/ecdowney/.ssh/id_rsa
>> > debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
>> > debug1: Authentication succeeded (publickey).
>> > Authenticated to ecd-imac27.local ([fe80::83b:4089:52ba:8046%en0]:22).
>> > debug1: channel 0: new [client-session]
>> > debug1: Requesting email@hidden
>> > debug1: Entering interactive session.
>> > debug1: pledge: exec
>> > debug1: client_input_global_request: rtype email@hidden
>> want_reply 0
>> > debug1: Remote: /Users/ecdowney/.ssh/authorized_keys:11: key options:
>> agent-forwarding port-forwarding pty user-rc x11-forwarding
>> > debug1: Remote: /Users/ecdowney/.ssh/authorized_keys:11: key options:
>> agent-forwarding port-forwarding pty user-rc x11-forwarding
>> > debug1: Requesting X11 forwarding with authentication spoofing.
>> > debug1: Sending environment.
>> > debug1: Sending env LANG = en_US
>> > debug1: Sending env LC_ALL = C
>> > X11 forwarding request failed on channel 0
>> > Last login: Tue Apr 28 16:19:54 2020 from 192.168.7.112
>> > ecd-imac27: logout
>> >
>> >
>> > --
>> > Elwood Downey
>> > Scientific Programmer
>> > _______________________________________________
>> > Do not post admin requests to the list. They will be ignored.
>> > X11-users mailing list (email@hidden)
>> > Help/Unsubscribe/Update your Subscription:
>> >
>> > This email sent to email@hidden
>>
>>
>
> --
> Elwood Downey
> Scientific Programmer
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> X11-users mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
>
>
--
Elwood Downey
Scientific Programmer
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
| References: | |
| | >[no subject] (From: Elwood Downey via X11-users <email@hidden>) |
| | >Re: (From: Merle Reinhart via X11-users <email@hidden>) |
| | >Re: (From: Elwood Downey via X11-users <email@hidden>) |
| | >Re: (From: Peter Collinson via X11-users <email@hidden>) |