[Bug 1047261] New: ssh login does not mount encrypted home directory - cannot forward X traffic for users with encrypted home dir
http://bugzilla.opensuse.org/show_bug.cgi?id=1047261 Bug ID: 1047261 Summary: ssh login does not mount encrypted home directory - cannot forward X traffic for users with encrypted home dir Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: tomas.kuchta@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- openSuSE Leap 42.3 Build 300 Encrypted overlay image is not mounted at ssh login Thus ssh is unable to forward X traffic for users with encrypted home directory or access user files. Root cause: ----------- Encrypted overlay image is not mounted at ssh login Errors observed: ----------------
ssh -X tomask@localhost Password: Last login: Tue Jul 4 20:06:28 2017 from ::1 Have a lot of fun... /usr/bin/xauth: timeout in locking authority file /home/tomask/.Xauthority exit logout Connection to localhost closed.
harry@gurkin:~> ssh -Y tomask@localhost Password: Last login: Tue Jul 4 20:07:23 2017 from ::1 Have a lot of fun... /usr/bin/xauth: timeout in locking authority file /home/tomask/.Xauthority
ls -l /home/tomask/.Xauthority ls: cannot access '/home/tomask/.Xauthority': No such file or directory
When logging in from TTY2 (Alt+Ctrl+F2): ----------------------------------------
ls -l /home/tomask/.Xauthority -rw------- 1 tomask users 113 Jul 4 20:06 /home/tomask/.Xauthority
How to reproduce: ----------------- 1. Create user with encrypted home directory using: yast2 users 2. run: ssh -X user@localhost ssh -Y user@localhost 3. see that the encrypted overlay image is not mounted by: mount | grep home If the crypto image is mounted (as when using tty login) you should see message like this:
mount | grep home /dev/mapper/_dev_loop0 on /home/tomask type ext3 (rw,relatime,data=ordered,helper=crypt)
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1047261
http://bugzilla.opensuse.org/show_bug.cgi?id=1047261#c1
Fabian Vogt
participants (1)
-
bugzilla_noreply@novell.com