SSH XForwarding fails - xauth bad display name

ssh xforwarding xauth
44,205

Solution 1

This error occurs when the remote machine doesn't know it's own hostname, or has an incorrect hostname associated with 127.0.1.1 (NOTE: Not 127.0.0.1 which should always resolve to localhost).

To correct it, ensure that the entry in /etc/hosts for 127.0.1.1 matches the machine's FQDN and short hostname.

Solution 2

On the remote machine, edit the file /etc/ssh/sshd_config. Change X11UseLocalhost to yes.

Source http://www.pclinuxos.com/forum/index.php?topic=109487.0

Solution 3

Any time I run into an SSH issue I almost immediately re-run the command with more verbose messaging enabled. I like to use this technique to collect the log file on the server I'm running ssh from. If you need to get more details simply add more -v switches (the maximum is 3).

$ ssh -v user@remoteserver |& tee /path/to/sshv1.log
-or-
$ ssh -vv user@remoteserver |& tee /path/to/sshv2.log

X11 connection rejected because of wrong authentication.

This message is almost always indicative of a permissions problem with your .Xauthority file. You can either move the existing one out of the way temporarily or attempt to fix its ownership & permissions.

$ chown user:group ~/.Xauthority
$ chmod 0600 ~/.Xauthority

If the issue isn't resolved by either of these operations then you can attempt to diagnose the xauth magic cookies themselves.

as local user running ssh

$ xauth list
localhost/unix:13 MIT-MAGIC-COOKIE-1 c77169a6fa8139ea36f538e1c72e1b98

as pinker on server

$ xauth
Using authority file /home/pinker/.Xauthority

Then add the key manually:

xauth> add localhost/unix:13 MIT-MAGIC-COOKIE-1 c77169a6fa8139ea36f538e1c72e1b98

References

Solution 4

I got most of this information from http://openvz.org/X_inside_VE#X_forwarding

Verify X in SSH

After login via SSH, verify that X forwarding is working by looking for the DISPLAY environmental variable:

echo $DISPLAY

The answer should be something like localhost:8.0

Make sure sshd allows X forwarding

Edit /etc/ssh/sshd_config and make sure it has X11Forwarding yes

If not, edit or add the line with X11Fordwarding then restart sshd:

service sshd restart (/etc/init.d/sshd restart is using CentOS 5)

Then log out and in again

Make sure xauth is set up

Make sure the xauth package has been installed. In Debian, this is part of the xbase-clients package.

It's still not working

In the question I am answering, the error message is this: /usr/bin/xauth: (stdin):1: bad display name "pinker-server:10.0" in "remove" command

One possible solution, suggested below, is making sure the relevant line in sshd_config looks like this:

X11UseLocalhost yes

Solution 5

Bumped into this problem after Gentoo upgrade. This page is the first google result for 'add display name unix in add command'. None of the solutions described here helped. The workaround is written in the debian bug description (second link in the fore-mentioned google search page):

sethostname any-name-here

after execution of 'sethostname vvk' I can log in with X-forwarding as before. This answer is typed from the browser which is being run in the very first proper shell logged in on remote server.

Share:
44,205

Related videos on Youtube

Rucent88
Author by

Rucent88

Updated on September 18, 2022

Comments

  • Rucent88
    Rucent88 over 1 year

    I'm trying to setup XForwarding over ssh, but it fails. The same result happens whether I use the argument -X or -Y for ssh. The error I get.

    a@ASUS-N53SM:~$ ssh -X -p 6623 [email protected]
[email protected]'s password: 
Last login: Sun Feb  2 18:42:08 2014 from 192.168.0.201
/usr/bin/xauth: (stdin):1:  bad display name "pinker-server:10.0" in "remove" command
/usr/bin/xauth: (stdin):2:  bad display name "pinker-server:10.0" in "add" command
xdpyinfo:  unable to open display "pinker-server:10.0".

    In the client file ~/.ssh/config

    ForwardX11 yes

    In the client file /etc/ssh/ssh_config (comments removed).

    Host *
ForwardX11 yes
ForwardX11Trusted yes
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes 
GSSAPIDelegateCredentials no

    In the server file /etc/ssh/sshd_config (comments removed).

    Port 6623
Port 6624
Port 6625
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
X11UseLocalhost no
AllowTcpForwarding yes

    I found this similar Question, but none of the answers work.

    UPDATE:

    On the server, I added to the file /etc/hosts.

    127.0.0.1       pinker-server

    On the server, I installed the package xbase-clients. On the ssh connection echo $DISPLAY outputs :0.0.

    Now I'm getting a new error.

    X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
xdpyinfo:  unable to open display "pinker-server:10.0".
  • Rucent88
    Rucent88 over 10 years
    It looks like we might be getting closer to the solution? I have updated the info above. Thank you.
  • slm
    slm over 10 years
    It's generally a bad idea to add a hostname to 127.0.0.1.
  • samiam
    samiam over 10 years
    I've edited the answer to reflect that.
  • slm
    slm over 9 years
    Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.
  • Vladimir Kunschikov
    Vladimir Kunschikov over 8 years
    typical sshd config, nothing special.
  • Jason Robinson
    Jason Robinson about 8 years
    Thanks, that was exactly the case for me on my OpenBSD 5.9 (-current) desktop.
  • Kevin
    Kevin over 7 years
    a good clue that this is the case, is when "xauth list" shows two difference hostnames. root@sdi-playout:~# xauth list ubuntu-NANOCOM-BT/unix:1 MIT-MAGIC-COOKIE-1 ... sdi-playout/unix:0 MIT-MAGIC-COOKIE-1 ...
  • llinfeng
    llinfeng over 4 years
    Thanks! This helped me solve the X-forwarding failure for my VPS.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

X11 forwarding and .Xauthority file
$HOME readonly: /usr/bin/xauth: timeout in locking authority file /home/fooftp/.Xauthority
How to troubleshoot failed X11 forwarding with ssh?
XAUTHORITY environment variable set repeatedly on every login
xauth error with ssh X Forwarding
ssh xauth error Mac OS 10.6.3
How do I use PuTTY with X forwarding when opened by WinSCP?
Xauth/X11 ssh forwarding errors with .Xauthority file not writable
xauth not creating .Xauthority file
VirtualBox over X Forwarding