Ubuntu
openssh package

ssh X11 forwarding does not work

Bug #657302 reported by LGB [Gábor Lénárt]
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Won't Fix
Low
Unassigned

Bug Description

I have problems with X11 forwarding via SSH both with lucid and maverick. On both of these systems it simply does not work
saying (for example):

xterm Xt error: Can't open display:
xterm: DISPLAY is not set

In /var/log/auth.log I can find this:

Oct 9 13:46:45 oxygene sshd[11122]: error: Failed to allocate internet-domain X11 display socket.

After trying to strace the sshd process, I found things like this:

11122 bind(10, {sa_family=AF_INET6, sin6_port=htons(6010), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 EADDRNOTAVAIL (Cannot assign requested address)

It's strange for me, since I've disabled IPv6 everywhere, but still it want to use it for some unknown reason ...

I even have -4 option in /etc/default/ssh but it does not help.

HOWEVER, if I stop ssh daemon and launch it "by hand" /usr/sbin/sshd -4 then it works nicely! It's interesting that init script (or upstart?) script of sshd does not honor /etc/default/ssh it seems ... Or it shouldn't do that in maverick anymore?

Yes, I know that problem is caused not having IPv6 in my system by will, but I haven't known that I am forced to have configured IPv6 it was not compulsory in previous versions of Ubuntu distros. Is it possible to use Ubuntu in a normal way (without dirty hacks) if I don't want IPv6 at all? On my network there is no IPv6 capable equipment, so it's totally pointless to have it for any reason but still it does introduces possible security holes etc, I think the best practice not to have _anything_ configured which is not used/needed to avoid resource wasting and maybe even security problems. Like in OpenBSD where the default install is very minimal that's why that only 2 remote holes in the default install since X ages :) :)

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:1777 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1777 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6642772 (6.6 MB) TX bytes:6642772 (6.6 MB)

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: openssh-server 1:5.5p1-4ubuntu4
ProcVersionSignature: Ubuntu 2.6.35-22.33-generic 2.6.35.4
Uname: Linux 2.6.35-22-generic i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Sat Oct 9 13:52:29 2010
EcryptfsInUse: Yes
ProcEnviron:
 LANGUAGE=en_US:en
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: openssh

Revision history for this message
LGB [Gábor Lénárt] (lgb) wrote :
LGB [Gábor Lénárt] (lgb)
summary: - X11 forwarding does not work
+ ssh X11 forwarding does not work
Revision history for this message
LGB [Gábor Lénárt] (lgb) wrote :

It seems options set in /etc/default/ssh is not used when launching sshd with "service ssh start" but it does if I do "/etc/init.d/ssh start". So even if I have -4 sshd option to workaround the IPv6 problem, it is not used by default ...

Mathias Gug (mathiaz)
Changed in openssh (Ubuntu):
importance: Undecided → Low
Revision history for this message
Jonas (wajs) wrote :

tail -3 /etc/init/ssh.conf
# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
# 'exec' line here instead
exec /usr/sbin/sshd

add -4 to the last line
exec /usr/sbin/sshd -4

and restart ssh

After this X11 forwarding worked for me

Revision history for this message
LGB [Gábor Lénárt] (lgb) wrote :

@Jonas: Yes, I could figure out (even that comment helped you've mentioned as well) just I am wondering why it's useful to break the compatibility, when SSHD_OPTS can be used here, so I don't need to edit a new file to preserve the functionality I've configured in the previous version of the system ...

Revision history for this message
Patrick Cervicek (patrick-ubuntu) wrote :

Instead of edititing /etc/init/ssh.conf ("exec /usr/sbin/sshd -4") you can add "AddressFamily inet" to
/etc/ssh/sshd_config which lets sshd only listen to IPv4.

Revision history for this message
Chuck Short (zulcss) wrote :

This bug report is being closed due to your last comment regarding this being fixed with an update. For future reference you can manage the status of your own bugs by clicking on the current status in the yellow line and then choosing a new status in the revealed drop down box. You can learn more about bug statuses at https://wiki.ubuntu.com/Bugs/Status. Thank you again for taking the time to report this bug and helping to make Ubuntu better. Please submit any future bugs you may find.

Changed in openssh (Ubuntu):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.