Subject: Re: CVS commit: basesrc
To: Perry E. Metzger <perry@wasabisystems.com>
From: Luke Mewburn <lukem@wasabisystems.com>
List: source-changes
Date: 06/19/2001 10:25:39
On Mon, Jun 18, 2001 at 08:17:26PM -0400, Perry Metzger wrote:
>
> Luke Mewburn <lukem@wasabisystems.com> writes:
> > > Can we reopen the issue?
> >
> > No, I don't think so.
> >
> > Have a look at the way that X11Forwarding is implemented. It effectively
> > comprises of:
> > * creating a tunnel for the X traffic (ssh & sshd)
> > * creating a one-time $DISPLAY (e.g, "server:55") and and
> > appropriate xauth cookie for that session (ssh)
> > * passing this new $DISPLAY and cookie (ssh to remote sshd to deal with)
> >
> > Our login(1) can't handle the cookie (or the DISPLAY, unless it's in the
> > environment before-hand).
>
> It handles DISPLAY just fine. Try it -- it gets passed properly. What
> it isn't handling is the the creation of the X authority file for the
> cookie.
>
> > Hacking login(1) to support this cookie
> > munging is something that I strongly object to.
>
> So have the sshd create the .Xauthority file and THEN call login. Not
> A Big Deal. You can just steal the code from session.c that does it
> right now, put it into a pre-amble that gets called before login is
> called, and go.
You have the source :-)
I'll point out that this behaviour (UseLogin && X11Forwarding) has
never worked AFAICT. I was just ensuring that the user and system
administrator has appropriate feedback and documentation to this
affect, rather than wondering (like I did) why X11Forwarding wasn't
working without any obvious reason why.