Tiny Core Extensions > TCE Talk

configuring OpenSSH

(1/1)

softwaregurl:
OpenSSH is not configuring the way I would expect it to.  I have gone over the man pages and the config files for Debian and DSL but I still don't understand.

Compiled fine with --prefix=/usr/local --with-privsep-user=nobody --with-privsep-path=/usr/local/var/empty
then copy libssp.so.0 from compiletc to /usr/local/lib/libssp.so.0
named openssh.tcel
depends on openssl-0.9.8h.tcel

This is the /usr/local/etc/ssh_config.

--- Code: ---# Host *
#   ForwardAgent no
   ForwardX11 yes
   ForwardX11trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no

--- End code ---
why do I need    ForwardX11trusted yes
If I don't have it I get
--- Code: ---Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
Linux [...]  2.6.18-6-686 #1 SMP Sat Dec 27 09:31:05 UTC 2008 i686

--- End code ---
and

--- Code: ---[...]:~$ xterm &
[1] 7602
[...]:~$ Xlib: connection to "localhost:10.0" refused by server
Xlib: Invalid MIT-MAGIC-COOKIE-1 key
xterm Xt error: Can't open display: localhost:10.0

--- End code ---
with ForwardX11trusted yes everything works fine. I've tryed both ssh -X and ssh -XC.
All kinds of problems with sshd, but first things first.
This might be related to another symptom that in aterm the histories? (pressing up arrow) get mixed up ie: typing in one overwrites the others whether user tc or root.   Or is there something else in TCB i'm overlooking?
using tinycore_1.2 bootcode norestore (would be base except for a zzdata.tce that contains bootlocal.sh and eth0.sh for an undetected card. everything else loads optional.)  no other persistancy.

Thanks all

curaga:
I'm not sure what exactly is your question?

Edit: The -X option uses XSECURITY, an extension not used outside of Debian AFAIK.
If the host X server is not a Debian one, you'd need to use -Y instead of -X.

softwaregurl:
-YC worked.  maybe -XC works from DSL because of its Debian roots.
sshd should be easy now.
That was the piece I was missing, thanks!

softwaregurl:
configuring sshd:
if I log in as user tc or root then try to start an aterm it opens on the wrong computer.
I created user user1 copied over skel and changed ownership.  I get this:
--- Code: ---user1@box:~$ aterm &
user1@box:~$ Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified

aterm: can't open display :0.0

--- End code ---
X11DisplayOffset 10
should start at display 10 or greater
could this be related to startx or xauth?   I specified where xauth is because it's not at the default location.  there is an authdisplay=... line in startx.  I also tryed this just because...
--- Code: ---user1@box:~$ startx

Fatal server error:
Server is already active for display 0
        If this server is no longer running, remove /tmp/.X0-lock
        and start again.

error: could not open display
user1@box:~$

--- End code ---
sshd will look for a file and execute it if found instead of xauth.
about all I know about X is what I've learned from ssh.

Navigation

[0] Message Index