When I run ssh -X my_host I get the error:
"X11 forwarding request failed on channel 0". (ssh -Y my_host gives the same error)
My host is a Gentoo Linux machine and my client is a macOS Catalina.
Both host and client have xauth installed.
The client has XQuartz-2.7.11 installed.
I have added the lines ForwardX11 yes and X11UseLocalhost no to the /etc/ssh/ssh_config file on the host, but that did not help.
Is there any way to solve this problem?
Possibly relevant information:
xauth list $DISPLAYgives no output on host nor on client.- I have added
XAuthLocation /opt/X11/bin/xauth,ForwardX11Trusted yesandForwardX11 yesin the ".ssh/config" file of the client.
Edit:
the last lines of ssh -vvvX my_host are:
Authenticated to ******.
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: exec
debug3: receive packet: type 80
debug1: client_input_global_request: rtype want_reply 0
debug3: receive packet: type 4
debug1: Remote: /home/user/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 4
debug1: Remote: /home/user/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: x11_get_proto: /opt/X11/bin/xauth list /private/tmp/com.apple.launchd.MRsK0ea50W/org.macosforge.xquartz:0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 1
debug3: send packet: type 98
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug1: Sending environment.
debug3: Ignored env CONDA_DEFAULT_ENV
debug3: Ignored env CONDA_EXE
debug3: Ignored env CONDA_PREFIX
debug3: Ignored env CONDA_PROMPT_MODIFIER
debug3: Ignored env CONDA_PYTHON_EXE
debug3: Ignored env CONDA_SHLVL
debug3: Ignored env DISPLAY
debug3: Ignored env HOME
debug3: Ignored env JAVA_HOME
debug1: Sending env LC_CTYPE = UTF-8
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env LOGNAME
debug3: Ignored env LaunchInstanceID
debug3: Ignored env PATH
debug3: Ignored env PWD
debug3: Ignored env SECURITYSESSIONID
debug3: Ignored env SHELL
debug3: Ignored env SHLVL
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env TERM
debug3: Ignored env TERM_PROGRAM
debug3: Ignored env TERM_PROGRAM_VERSION
debug3: Ignored env TERM_SESSION_ID
debug3: Ignored env TMPDIR
debug3: Ignored env USER
debug3: Ignored env XPC_FLAGS
debug3: Ignored env XPC_SERVICE_NAME
debug3: Ignored env _CE_CONDA
debug3: Ignored env _CE_M
debug3: Ignored env __CF_USER_TEXT_ENCODING
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: receive packet: type 100
debug2: channel_input_status_confirm: type 100 id 0
X11 forwarding request failed on channel 0
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0log of host:
Aug 31 15:44:52 Jimmy sshd[12245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=**** user=root
Aug 31 15:44:52 Jimmy sshd[12245]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
Aug 31 15:44:53 Jimmy sshd[12026]: error: PAM: Authentication failure for root from ****
Aug 31 15:44:54 Jimmy sshd[12247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=**** user=root
Aug 31 15:44:54 Jimmy sshd[12247]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
Aug 31 15:44:56 Jimmy sshd[12026]: error: PAM: Authentication failure for root from ****
Aug 31 15:44:56 Jimmy sshd[12248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=**** user=root
Aug 31 15:44:56 Jimmy sshd[12248]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
Aug 31 15:44:58 Jimmy sshd[12026]: error: PAM: Authentication failure for root from ****
Aug 31 15:44:58 Jimmy sshd[12026]: Received disconnect from **** port 19854:11: [preauth]
Aug 31 15:44:58 Jimmy sshd[12026]: Disconnected from authenticating user root **** port 19854 [preauth]
Aug 31 15:45:07 Jimmy sshd[11912]: Received disconnect from 81.28.198.29 port 50547:11: disconnected by user
Aug 31 15:45:07 Jimmy sshd[11912]: Disconnected from user my_user 81.28.198.29 port 50547
Aug 31 15:45:07 Jimmy sshd[11910]: pam_unix(sshd:session): session closed for user my_user
Aug 31 15:45:07 Jimmy kernel: elogind-daemon[20296]: Removed session c56.
Aug 31 15:45:13 Jimmy sshd[12253]: Accepted publickey for my_user from **** port 50605 ssh2: RSA SHA256:****
Aug 31 15:45:13 Jimmy kernel: elogind-daemon[20296]: Existing logind session ID 1 used by new audit session, ignoring.
Aug 31 15:45:13 Jimmy kernel: elogind-daemon[20296]: New session c57 of user my_user.
Aug 31 15:45:13 Jimmy sshd[12253]: pam_unix(sshd:session): session opened for user my_user(uid=1000) by (uid=0)1 Answer
on the remote server "X11Forwarding" must be set to "yes" in the sshd config (/etc/ssh/sshd_config).
you don't have to change ssh client config (/etc/ssh/ssh_config) on your client if you use ssh -X
parameters at the ssh command overide defaults from the ssh client config (/etc/ssh/ssh_config) at your local maschine. pay attention to ssh_config vs. sshd_config -and- client vs. server. sshd could be installed on your local maschine too, but client and server only means: one side starts the concection whereas the other accepts connections (while listing).
after successfully login via ssh the DISPLAY variable should be set to something like localhost:10.0 otherwise X11 forwarding won't work.
hint: if you are connecting to a local server (on LAN) you could skip ssh X11 tunneling and simply do export DISPLAY=<clientIP>:0 on the server and issue an "xhost +<serverIPorFQDN>" on your client. this works by far faster than tunneling X through SSH.
