[opensuse] A couple of question about ssh
Guys, I have hit a wall. Both with the man pages and google. I been working with forwding X ssh -X me@mybox.mydomain.com /usr/bin/xterm But I am getting this error Warning: No xauth data; using fake authentication data for X11 forwarding. Invalid MIT-MAGIC-COOKIE-1 key/usr/bin/xterm Xt error: Can't open display: myboxi:10.0 I had found this doc that did for for a day http://mactip.blogspot.com/2004/04/no-xauth-data.html but now I keep that error. Here are my sshd setting for X #AllowAgentForwarding yes #AllowTcpForwarding yes GatewayPorts yes X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost no #PrintMotd yes PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none Guys, I have google this until my eyes are crossed and no fixes. My second question. At work I had to add my linux box to Active Directory, so they could count it. I didn't mind, but I am not sure how to ssh to my box now. The use account is CORP\myaccount I have tried do ssh "corp\myacount"@mywork.evilcompany.com but I can't log in. Any thoughts. Payne -- ---------------------------------------- When a place gets crowded enough to require ID's, social collapse is not far away. It is time to go elsewhere. The best thing about space travel is that it made it possible to go elsewhere. -- Robert Heinlein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, May 08, 2009 at 04:48:53PM -0400, Chuck Payne wrote:
Guys,
I have hit a wall. Both with the man pages and google. I been working with forwding X
ssh -X me@mybox.mydomain.com /usr/bin/xterm
But I am getting this error
Warning: No xauth data; using fake authentication data for X11 forwarding. Invalid MIT-MAGIC-COOKIE-1 key/usr/bin/xterm Xt error: Can't open display: myboxi:10.0 I don't think the problem is SSH. I'd be curious about the output from /usr/bin/xauth list. Here, it says:
~/> /usr/bin/xauth list linux-kwmt.site:0 MIT-MAGIC-COOKIE-1 d0114199bcc0a1e3d9bb0fd81c196e86 linux-kwmt/unix:0 MIT-MAGIC-COOKIE-1 d0114199bcc0a1e3d9bb0fd81c196e86 Goggling suggests a display manager problem. http://linux.derkeiler.com/Mailing-Lists/Fedora/2008-10/msg01560.html [ActiveDirectory issue] Not a clue about this. Sounds painful, though. Kurt -- "There is hopeful symbolism in the fact that flags do not wave in a vacuum." -- Arthur C. Clarke -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 9, 2009 at 1:14 AM, Kurt Wall <kwall@kurtwerks.com> wrote:
On Fri, May 08, 2009 at 04:48:53PM -0400, Chuck Payne wrote:
Guys,
I have hit a wall. Both with the man pages and google. I been working with forwding X
ssh -X me@mybox.mydomain.com /usr/bin/xterm
But I am getting this error
Warning: No xauth data; using fake authentication data for X11 forwarding. Invalid MIT-MAGIC-COOKIE-1 key/usr/bin/xterm Xt error: Can't open display: myboxi:10.0 I don't think the problem is SSH. I'd be curious about the output from /usr/bin/xauth list. Here, it says:
~/> /usr/bin/xauth list linux-kwmt.site:0 MIT-MAGIC-COOKIE-1 d0114199bcc0a1e3d9bb0fd81c196e86 linux-kwmt/unix:0 MIT-MAGIC-COOKIE-1 d0114199bcc0a1e3d9bb0fd81c196e86
Goggling suggests a display manager problem.
http://linux.derkeiler.com/Mailing-Lists/Fedora/2008-10/msg01560.html
[ActiveDirectory issue]
Not a clue about this. Sounds painful, though.
Kurt -- "There is hopeful symbolism in the fact that flags do not wave in a vacuum." -- Arthur C. Clarke -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks, but that not it. I will keep looking. I have figure out my AD ssh log on. it "\CORP\myname"@mydomain.com -- ---------------------------------------- When a place gets crowded enough to require ID's, social collapse is not far away. It is time to go elsewhere. The best thing about space travel is that it made it possible to go elsewhere. -- Robert Heinlein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 2009-05-08 at 16:48 -0400, Chuck Payne wrote:
I have tried do ssh "corp\myacount"@mywork.evilcompany.com but I can't log in.
If your Linux box has been added to the AD, ssh to it with: ssh corp\\myacount@mywork.evilcompany No quotes. This works for me here. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden Office: Int +46 8-615 60 20 Mobile: Int +46 70-815 1696 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, May 11, 2009 at 3:04 AM, Roger Oberholtzer <roger@opq.se> wrote:
On Fri, 2009-05-08 at 16:48 -0400, Chuck Payne wrote:
I have tried do ssh "corp\myacount"@mywork.evilcompany.com but I can't log in.
If your Linux box has been added to the AD, ssh to it with:
ssh corp\\myacount@mywork.evilcompany
No quotes. This works for me here.
-- Roger Oberholtzer
OPQ Systems / Ramböll RST
Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden
Office: Int +46 8-615 60 20 Mobile: Int +46 70-815 1696
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
If I do that, I see in the logs that it couldn't handle corpmyuser log in because PAM didn't understand, the single quoutes are working just great. -- ---------------------------------------- When a place gets crowded enough to require ID's, social collapse is not far away. It is time to go elsewhere. The best thing about space travel is that it made it possible to go elsewhere. -- Robert Heinlein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 2009-05-11 at 13:53 -0400, Chuck Payne wrote:
On Mon, May 11, 2009 at 3:04 AM, Roger Oberholtzer <roger@opq.se> wrote:
On Fri, 2009-05-08 at 16:48 -0400, Chuck Payne wrote:
I have tried do ssh "corp\myacount"@mywork.evilcompany.com but I can't log in.
If your Linux box has been added to the AD, ssh to it with:
ssh corp\\myacount@mywork.evilcompany
No quotes. This works for me here.
-- Roger Oberholtzer
OPQ Systems / Ramböll RST
Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden
Office: Int +46 8-615 60 20 Mobile: Int +46 70-815 1696
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
If I do that, I see in the logs that it couldn't handle corpmyuser log in because PAM didn't understand, the single quoutes are working just great.
I just did: roger@acme:~> ssh ramse\\roropq@source Password: Last login: Tue Nov 11 08:04:29 2008 from 10.2.16.41 Have a lot of fun... RAMSE\roropq@sto-opq-src:~> And it 'just works'. I see that you are logging in to a Linux box in the AD. I think I missed the part about where you are logging in from. A Linux or a Windows box? I do not think the issue is with the the box you are logging in to. It is the shell you are logging in from. What really needs to be specified to the Linux box is: corp\myacount@mywork.evilcompany
From a Linux shell, you need to escape the \ with another \ to get the \. That is why I type:
corp\\myacount@mywork.evilcompany
From a Windows command shell, I would think it simply would be:
corp\myacount@mywork.evilcompany No need for the quotes or for the escaped \. Perhaps this is all moot as you have it working. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden Office: Int +46 8-615 60 20 Mobile: Int +46 70-815 1696 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Chuck Payne -
Kurt Wall -
Roger Oberholtzer