netmask -- Thanks for your message. >Date: Sat, 7 Aug 2004 08:31:45 -0700 (PDT) >From: netmask <netmask@xxxxxxxxxxxx> > >> Warning: No xauth data; using fake authentication data for X11 forwarding. >> >> This sounds like a possible security problem. Does anyone know what this means? >> I am using window maker, so it is possible this is something that would be cared >> for automatically by gnome. > >Turn on verbose flags when you ssh and see if it's complaining about missing >xauth.. (ssh -v -v user@xxxxxxx). Verbose mode doesn't help me much but maybe you can learn something from it. debug1: channel 0: request pty-req debug3: tty_make_modes: ospeed 38400 debug3: tty_make_modes: ispeed 38400 debug3: tty_make_modes: 1 3 debug3: tty_make_modes: 2 28 (lots more of the tty_make_modes here) debug3: tty_make_modes: 93 0 debug2: x11_get_proto: /usr/X11R6/bin/xauth list unix:12.0 2>/dev/null debug1: Requesting X11 forwarding with authentication spoofing. debug1: channel 0: request x11-req debug1: channel 0: request shell This is verbosity 3 (ssh -vvv hostname); strangely enough the warning I originally asked about disappears when moving from verbosity 2 to verbosity 3. > make sure xauth is in your path It is, and /usr/X11R6/bin/xauth in the debug messages is the correct path (on both machines), and I can run '/usr/X11R6/bin/xauth list unix:(display #)' by hand and it returns a list of cookies with keys. I don't think there is trouble finding xauth. >Alternatively, if you aren't doing X11 forwarding, ... I am. :-) At one point, I thought maybe I needed to generate a key in ~/.Xauthority, but either that wasn't the problem or I did not do it correctly. -- Phil
