[ nedit-Bugs-1015327 ] nc problem using xorg & ssh
SourceForge.net
noreply at sourceforge.net
Fri Mar 2 17:27:12 CET 2007
Bugs item #1015327, was opened at 2004-08-24 10:06
Message generated for change (Settings changed) made by tringali
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111005&aid=1015327&group_id=11005
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Program
Group: None
Status: Closed
>Resolution: Invalid
Priority: 5
Private: No
Submitted By: Frank McNamara (frank_abacus)
Assigned to: Nobody/Anonymous (nobody)
Summary: nc problem using xorg & ssh
Initial Comment:
Hi,
For convenience I do - ssh -X root at localhost in an
xterm so I can do root things without a lot of fuss.
Until I upgraded, and therein changed from XFree to
Xorg, nc worked fine, like all other X applications.
However now I get the following:
root at frank:~# nc
X Error of failed request: BadAtom (invalid Atom
parameter)
Major opcode of failed request: 20 (X_GetProperty)
Atom id in failed request: 0x6a
Serial number of failed request: 20
Current serial number in output stream: 20
X Error of failed request: BadAtom (invalid Atom
parameter)
Major opcode of failed request: 18 (X_ChangeProperty)
Atom id in failed request: 0x1a0
Serial number of failed request: 14
Current serial number in output stream: 14
root at frank:~#
(There's a long pause between the two X Error
messages.) This also happens whatever other user I come
in as.
nedit on its own works fine, but nedit -server gives
this problem.
Is it a configuration problem in Xorg, or a bug in Nedit?
Frank McNamara, MCH Konsulting Sweden.
frank at abacus4.com
VoIP: sip:84614305 at voiptalk.org
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2004-09-24 12:50
Message:
Logged In: NO
This is a problem with OpenSSH 3.8 and greater, they
disabled sending X11Trusted cookies(?) by default, and lots
of X programs are having problems with it. To fix, locate
your ssh_config file and adde the following into it:
ForwardX11Trusted yes
This can be referenced on the openssh faq located at
http://www.openssh.com/faq.html#3.13
----------------------------------------------------------------------
Comment By: Tony Balinski (ajbj)
Date: 2004-09-18 08:34
Message:
Logged In: YES
user_id=618141
Could this not simply be some sort of xhost-type
permissioning problem? Frank is, if I understand correctly,
getting root to open X windows on a X server which was
probably not created with root. Might this have an effect on
the ability to create atoms in the non-root X server?
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-09-15 01:12
Message:
Logged In: YES
user_id=171772
openssh-3.8.1p1
In the ChangeLog I found this:
20031015
...
- markus at cvs.openbsd.org 2003/10/11 08:24:08
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses
xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old
behaviour.
ok deraadt; feedback and ok djm/fries
ForwardX11Trusted=yes needs to go in /etc/ssh/ssh_config
(wherever that might be in your system)
----------------------------------------------------------------------
Comment By: Andrew Hood (ajhood)
Date: 2004-09-14 17:06
Message:
Logged In: YES
user_id=36856
What version of ssh is this? I saw OpenSSH 3.6.1p2 mentioned
at one point.
OpenSSH_3.7.1p2 doesn't have a -Y
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-09-14 09:06
Message:
Logged In: YES
user_id=171772
To quote the man page:
-X Enables X11 forwarding. This can also be
specified on a per-host
basis in a configuration file.
X11 forwarding should be enabled with caution.
Users with the
ability to bypass file permissions on the
remote host (for the
user's X authorization database) can access the
local X11 display
through the forwarded connection. An attacker
may then be able
to perform activities such as keystroke monitoring.
-x Disables X11 forwarding.
-Y Enables trusted X11 forwarding.
I'm not pretending to know what that means, but it does seem
to work!
----------------------------------------------------------------------
Comment By: Scott Tringali (tringali)
Date: 2004-09-14 08:56
Message:
Logged In: YES
user_id=11321
What does -Y do? I can't find a doc on it.
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-09-14 01:14
Message:
Logged In: YES
user_id=171772
That's fixed it - Thanks very much.
That closes this problem for me at any rate.
/Frank
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2004-09-14 01:09
Message:
Logged In: NO
Try using ssh -Y
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-09-14 00:59
Message:
Logged In: YES
user_id=171772
Using matching nc & nedit didn't help at all. Thanks for
asking. The problem is still unresolved.
I should add that sometimes, after a long period of being
logged in it all starts to work! I haven't yet found out
what I'm doing in the mean time. If I ever do work it out
I'll let you all know!
Thanks for the interest - Frank
----------------------------------------------------------------------
Comment By: Nathan Gray (n8gray)
Date: 2004-09-13 16:51
Message:
Logged In: YES
user_id=121553
Did it help to use matching nedit and nc binaries?
----------------------------------------------------------------------
Comment By: Nathan Gray (n8gray)
Date: 2004-08-25 14:13
Message:
Logged In: YES
user_id=121553
It looks like you have mismatched nc and nedit binaries. Try again but
make sure both binaries match.
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-08-25 07:08
Message:
Logged In: YES
user_id=171772
I forgot to mention that I'm using an upgraded Slackware
10.0 (upgraded from 9.1, 9.0,....). I'm using the
vmlinuz-ide-2.4.26 kernel:
uname -a
Linux frank 2.4.26 #6 Mon Jun 14 19:07:27 PDT 2004 i686
unknown unknown GNU/Linux
cat /etc/slackware-version
Slackware 10.0.0
----------------------------------------------------------------------
Comment By: Frank McNamara (frank_abacus)
Date: 2004-08-25 01:04
Message:
Logged In: YES
user_id=171772
nedit -V
NEdit 5.4RC2
Oct 20, 2003
Built on: Linux, 386, GNU C
Built at: Jan 12 2000, 07:21:24
With Motif: 2.1.30 [@(#)Motif Version 2.1.30]
Running Motif: 2.1 [unknown]
Server: The X.Org Foundation 60700000
Visual: 24-bit TrueColor (ID 0x23, Default)
Locale: C
nc -V
nc (NEdit) Version 5.4 (November 2003)
Built on: Linux, 386, GNU C
Built at: Nov 23 2003, 17:08:23
----------------------------------------------------------------------
Comment By: Peter Kovar (peak)
Date: 2004-08-24 15:01
Message:
Logged In: YES
user_id=109269
X Error of failed request: BadAtom (invalid Atom parameter)
Major opcode of failed request: 20 (X_GetProperty)
Atom id in failed request: 0x6e
Serial number of failed request: 20
Current serial number in output stream: 20
xlsatoms -format "0x0%X %s" -range 110
0x06E _MOTIF_DEFAULT_BINDINGS
ssh -X localhost
excerpt from gdb nedit
1148 rootWindow = RootWindow(TheDisplay,
DefaultScreen(TheDisplay));
(gdb)
1151 if (XGetWindowProperty(TheDisplay, rootWindow,
virtKeyAtom, 0, INT_MAX,
(gdb)
X Error of failed request: BadAtom (invalid Atom parameter)
Major opcode of failed request: 20 (X_GetProperty)
Atom id in failed request: 0x6e
Serial number of failed request: 20
Current serial number in output stream: 20
Program exited with code 01.
(gdb)
----------------------------------------------------------------------
Comment By: Scott Tringali (tringali)
Date: 2004-08-24 14:01
Message:
Logged In: YES
user_id=11321
Hm, not problem here with Fedora Core 2 and Xorg 6.7,
OpenSSH 3.6.1p2. Will need to work a bit more to repro it.
----------------------------------------------------------------------
Comment By: Peter Kovar (peak)
Date: 2004-08-24 12:40
Message:
Logged In: YES
user_id=109269
Almost the same error here w/ ssh -X
X Error of failed request: BadAtom (invalid Atom parameter)
Major opcode of failed request: 20 (X_GetProperty)
Atom id in failed request: 0x6e
Serial number of failed request: 30
Current serial number in output stream: 30
nedit -V
NEdit: X server without render extension
NEdit 5.4
Nov 20, 2003
Built on: Linux, Pentium Pro, GNU C 3.5
Built at: Apr 5 2004, 01:24:29
With Motif: 2.1.30 [@(#)Motif Version 2.1.30]
Running Motif: 2.1 [@(#)Motif Version 2.1.30]
Fontconfig: 2.2.2
FreeType: 2.1.8
X FreeType: 2.1.6
Server: The X.Org Foundation 60799902
Visual: 24-bit TrueColor (ID 0x23, Default)
Locale: sk_SK.UTF-8
However connecting directly to X server (pulled from CVS and
compiled yesterday) via TCP/IP i.e. w/o ssh -X works!
Peter Kovář
50 65 74 65 72 20 4B 6F 76 C3 A1 C5 99
----------------------------------------------------------------------
Comment By: Eddy De Greef (edg)
Date: 2004-08-24 11:24
Message:
Logged In: YES
user_id=73597
Please provide the output of the following commands:
nc -V
nedit -V
Did you compile it NEdit yourself?
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111005&aid=1015327&group_id=11005
More information about the Develop
mailing list