https://bugzilla.mindrot.org/show_bug.cgi?id=2636
Bug ID: 2636
Summary: Fix X11 forwarding, when ::1 is not configured
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: minor
Priority: P5
Component: sshd
Assignee: [email protected]
Reporter: [email protected]
When IPv6 loopback is disabled on a host, X11 forwarding fails.
tomas@tkuthan-cz:~$ ipadm show-addr lo0
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
tomas@tkuthan-cz:~$ ssh -XY localhost xterm
X11 forwarding request failed on channel 0
xterm: Xt error: Can't open display:
xterm: DISPLAY is not set
tomas@tkuthan-cz:~$
Syslog shows the following error:
Nov 9 15:36:39 tkuthan-cz sshd[5046]: [ID 800047 auth.error] error:
Failed to allocate internet-domain X11 display socket
This is caused by bind() failing with EADDRNOTAVAIL on ::1 in
x11_create_display_inet.
When this particular error is returned by bind, it is safe to continue
with the next address returned by getaddrinfo(), because in that case
there is no risk of forwarded X11 connections being hijacked
(CVE-2008-1483).
Binding to 127.0.0.1 succeeds and makes X11 forwarding work again.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
