weird ssh or X problem

David Minor minor at fusion.gat.com
Wed Jul 20 22:07:45 UTC 2005 

My apologies if this has been addressed previously - I didn't see  
anything for it in the archives.

We're in the process of upgrading to RedHat Enterprise version 4 and  
are seeing a strange ssh or X problem. We're using a vanilla install.  
The only change we've made is two variables in sshd_config - we've  
got the following variables uncommented: X11UseLocalhost no
X11Forwarding yes.

Here's what happens:

1) User ssh's into remote machine (machine1.company.com) which is  
running the new version. Tries to run an X process, say xclock. User  
is told:

Error: Can't open display: machine.company.com:10.0

User keeps this session open.

2) User opens a second ssh session to the same remote machine. Runs  
xclock - it works. On this second session the client has been handed  
the same display (machine1.company.com:10.0) as the first session.

3) User goes back to first session. Now xclock works in that session  
also.

4) If user logs out of second session, X stops working on first session.

We see this behavior regardless of the ssh client used (we've tested  
Linux, OSX, HP-UX). It also doesn't matter if we use X forwarding on  
the client (via -X or -Y) either.

Note that if a user doesn't have concurrent ssh sessions open, X  
never works.

Further looking at it indicates that this  *might*  be an X problem?

1) First connection to the machine (using ssh again). It's handed  
display 10. X does not work. Telnetting to localhost 6010 gives a  
"connection refused" message.

2) Second connection to the machine (again using ssh). Handed the  
same display. X works. Telnetting to localhost 6010 now works. So  
there's something going on with the way ports are being opened.

3) Also, the machine simply isn't listening on port 6000. Compare this:

On the machine with the problem:
machine1.domain.com: netstat -an | grep 6000
machine1.domain.com:   [nothing]

a different machine running RHEL version 3:

machine2.domain.com: netstat -an | grep 6000
tcp        0      0 0.0.0.0:6000                 
0.0.0.0:*                   LISTEN

Anyone else see this problem or have any suggestions??

More information about the redhat-list mailing list