Xauth/X11 ssh forwarding errors with .Xauthority file not writable
Solution 1
This seems to be an already known issue reported at Redhat's bugzilla, so I'll "close" this question and continue reporting to that bug report.
Solution 2
I had same issue after syncing my home folder on Ubuntu 12.04. I resolved it using following commands:
rm ~/.Xaut*
Then I logged out and re-logged in. Following warning arisen:
/usr/bin/xauth: file /home/iranice/.Xauthority does not exist
After that, Linux created .Xauthority
file automatically. I logged out and re-logged in and everything was OK.
Solution 3
For me I had this error :
/usr/bin/xauth: error in locking authority file /home/toto/.Xauthority
because my /home partition was full.
Freeing some space on this partition solved this issue.
The strace command: strace -oout -f -s9000 xauth list
has been useful in identifying the problem.
Related videos on Youtube
hlovdal
Updated on September 18, 2022Comments
-
hlovdal over 1 year
When logging in with
ssh -Y remotehost
I get the following error message:/usr/bin/xauth: /home/hlovdal/.Xauthority not writable, changes will be ignored
And xclock and similar fails to start. There is nothing wrong with the permissions of the .Xauthority file despite the error message.
(hlovdal) remotehost:~>xclock X11 connection rejected because of wrong authentication. X11 connection rejected because of wrong authentication. X11 connection rejected because of wrong authentication. X11 connection rejected because of wrong authentication. Error: Can't open display: localhost:10.0 (hlovdal) remotehost:~>ls -l /home/hlovdal/.Xauthority -rw-------. 1 hlovdal hlovdal 70 Jul 25 23:30 /home/hlovdal/.Xauthority (hlovdal) remotehost:~>
What might be the cause here?
(This is between my two laptops where I have shh-ed back and forth hundreds of times before.)
Update:
While debugging further, xauth again complained that it could not write to .Xauthority This does not make sense since the file is writable by my user, and out of curiously I ran strace to see exactly what it tried to do.
(hlovdal) remotehost:~>xauth list xauth: /home/hlovdal/.Xauthority not writable, changes will be ignored (hlovdal) remotehost:~>strace -oout -f -s9000 xauth list xauth: error in locking authority file /home/hlovdal/.Xauthority (hlovdal) remotehost:~>tail out 16634 brk(0xf03000) = 0xf03000 16634 brk(0) = 0xf03000 16634 rt_sigaction(SIGINT, {0x4050d0, [INT], SA_RESTORER|SA_RESTART, 0x3957035350}, {SIG_DFL, [], 0}, 8) = 0 16634 rt_sigaction(SIGTERM, {0x4050d0, [TERM], SA_RESTORER|SA_RESTART, 0x3957035350}, {SIG_DFL, [], 0}, 8) = 0 16634 rt_sigaction(SIGHUP, {0x4050d0, [HUP], SA_RESTORER|SA_RESTART, 0x3957035350}, {SIG_DFL, [], 0}, 8) = 0 16634 rt_sigaction(SIGPIPE, {0x4050d0, [PIPE], SA_RESTORER|SA_RESTART, 0x3957035350}, {SIG_DFL, [], 0}, 8) = 0 16634 stat("/home/hlovdal/.Xauthority-c", {st_mode=S_IFREG|0600, st_size=0, ...}) = 0 16634 open("/home/hlovdal/.Xauthority-c", O_WRONLY|O_CREAT|O_EXCL, 0600) = -1 EEXIST (File exists) 16634 write(2, "xauth: error in locking authority file /home/hlovdal/.Xauthority\n", 66) = 66 16634 exit_group(1) = ? (hlovdal) remotehost:~>ls -l .Xauthority* -rw-------. 1 hlovdal hlovdal 70 Jul 25 23:30 .Xauthority -rw-------. 2 hlovdal hlovdal 0 Jul 26 01:26 .Xauthority-c -rw-------. 2 hlovdal hlovdal 0 Jul 26 01:26 .Xauthority-l (hlovdal) remotehost:~>
This explains better why xauth fails since it fails to create .Xauthority-c. But removing those two probably stale files does not help, they are recreated on the next ssh login. syslog in remotehost contains the following related to the ssh login.
sshd[17551]: Accepted publickey for hlovdal from x.x.x.x port 36545 ssh2 sshd[17552]: fatal: mm_request_receive: read: Connection reset by peer sshd[17551]: pam_unix(sshd:session): session opened for user hlovdal by (uid=0)
This mm_request_receive error message have never occured before, so I guess there is the clue for further debugging.
-
Thalys over 10 yearsMight help to explain the command - I've taken a look at the strace manpage, but I don't get what the arguement
-oout
means. Explaining it would turn a good answer, into an awesome one. -
klausnrooster about 10 yearsThis is what fixes raspberry pi to Ubuntu 12.04 connection for me, both in the home.
-
Diego Tercero over 6 yearsI started having the same message after upgrading Unbuntu 17.10 on a Azure VM. I don't quite remember if I started seeing that message right after the upgrade when I remotely logged in with Putty or after i installed xrdp, since I wanted to have a remote Desktop Connection from my Windows 7 machine. Anyways, your suggested solution fixed that.
-
Trevor Boyd Smith over 3 yearsfor some reason my home
.Xauthority
directory was owned byroot:root
for some reason. but my home is owned by the correct user so I was able to remove the directory and thenssh -X
andssh -Y
worked again.