Re: ssh -Y from macOS (11.16.2 Bigsur) to FreeBSD box (12.3)

From: Christoph Kukulies <kuku_at_kukulies.org>
Date: Thu, 10 Feb 2022 09:25:01 UTC
Hi,

Thanks. I wrote the OS-version in the subject.  macOS 11.6.2 BigSur

I have 

X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

in /etc/ssh/sshd_config in me FreeBSD box.

I’m not sure whether I installed XQuartz from Apple or XQuartz.org <http://xquartz.org/>. It used to work. The only change were OS upgrades Catalina-Mojave-Bigsur.
Looks like it’s Apple:



I’m doing it from a Mac terminal not a xterm.

I did not start X11 explicitly. I believe to recall that the macOS window manager accepts X-connections or laumches X11 automatically - Not sure though.

—
Christoph 

> Am 10.02.2022 um 09:55 schrieb Patrick Mahan <plmahan@gmail.com>:
> 
> On Thu, Feb 10, 2022 at 12:00 AM Christoph Kukulies <kuku@kukulies.org <mailto:kuku@kukulies.org>> wrote:
> I recall it had workd in the past but something must have changed. 
> I’m trying to do the following
> 
> 
> 
>  ssh -Y -v pc235
> OpenSSH_8.1p1, LibreSSL 2.7.3
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 47: Applying options for *
> debug1: Connecting to pc235 port 22.
> debug1: Connection established.
> debug1: identity file /Users/kuku/.ssh/id_rsa type 0
> debug1: identity file /Users/kuku/.ssh/id_rsa-cert type -1
> debug1: identity file /Users/kuku/.ssh/id_dsa type -1
> debug1: identity file /Users/kuku/.ssh/id_dsa-cert type -1
> debug1: identity file /Users/kuku/.ssh/id_ecdsa type -1
> debug1: identity file /Users/kuku/.ssh/id_ecdsa-cert type -1
> debug1: identity file /Users/kuku/.ssh/id_ed25519 type 3
> debug1: identity file /Users/kuku/.ssh/id_ed25519-cert type -1
> debug1: identity file /Users/kuku/.ssh/id_xmss type -1
> debug1: identity file /Users/kuku/.ssh/id_xmss-cert type -1
> debug1: Local version string SSH-2.0-OpenSSH_8.1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9 FreeBSD-20200214
> debug1: match: OpenSSH_7.9 FreeBSD-20200214 pat OpenSSH* compat 0x04000000
> debug1: Authenticating to pc235:22 as 'kuku'
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: algorithm: curve25519-sha256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256
> debug1: kex: server->client cipher: chacha20-poly1305@openssh.com <mailto:chacha20-poly1305@openssh.com> MAC: <implicit> compression: none
> debug1: kex: client->server cipher: chacha20-poly1305@openssh.com <mailto:chacha20-poly1305@openssh.com> MAC: <implicit> compression: none
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug1: Server host key: ecdsa-sha2-nistp256 SHA256:xxxxxxxxxx
> debug1: Host 'pc235' is known and matches the ECDSA host key.
> debug1: Found key in /Users/kuku/.ssh/known_hosts:7
> debug1: rekey out after 134217728 blocks
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: rekey in after 134217728 blocks
> debug1: Will attempt key: /Users/kuku/.ssh/id_rsa RSA SHA256:xxxxxxxxx
> debug1: Will attempt key: /Users/kuku/.ssh/id_dsa 
> debug1: Will attempt key: /Users/kuku/.ssh/id_ecdsa 
> debug1: Will attempt key: /Users/kuku/.ssh/id_ed25519 ED25519 SHA256:xxxxxxx
> debug1: Will attempt key: /Users/kuku/.ssh/id_xmss 
> debug1: SSH2_MSG_EXT_INFO received
> debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug1: Next authentication method: publickey
> debug1: Offering public key: /Users/kuku/.ssh/id_rsa RSA SHA256:xxxxxx
> debug1: Server accepts key: /Users/kuku/.ssh/id_rsa RSA SHA256:xxxxxx
> debug1: Authentication succeeded (publickey).
> Authenticated to pc235 ([192.168.178.34]:22).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions@openssh.com <mailto:no-more-sessions@openssh.com>
> debug1: Entering interactive session.
> debug1: pledge: exec
> debug1: client_input_global_request: rtype hostkeys-00@openssh.com <mailto:hostkeys-00@openssh.com> want_reply 0
> debug1: Remote: /home/kuku/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug1: Remote: /home/kuku/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug1: No xauth program.
> Warning: No xauth data; using fake authentication data for X11 forwarding.
> debug1: Requesting X11 forwarding with authentication spoofing.
> debug1: Sending environment.
> debug1: Sending env LANG = de_DE.UTF-8
> Last login: Thu Feb 10 08:44:31 2022 from christophs-macbook-pro.fritz.box
> FreeBSD 12.3-RELEASE-p1 GENERIC 
> 
> Welcome to FreeBSD!
> 
> 
> $ echo $DISPLAY
> localhost:10.0
> $ xclock
> connect /tmp/.X11-unix/X0: No such file or directory
> Error: Can't open display: localhost:10.0
> 
> Any clues?
> 
> 
> First the obvious questions:
> 
> 1. What version of Mac OS X are you running?
> 2. Where did you install XQuartz from?  Apple or XQuartz.org?
> 3. Are trying this from the supplied xterm with XQuartz or terminal.app?
> 
> You might want to install xauth from packages (or ports source).  You might need to enable X11 forwarding in the sshd config on FreeBSD.
>  
> HTH,
> 
> Patrick