Login hangs in X11 with AIX 5.2
Steve
AIX" sourceforge site (http://sourceforge.net/projects/openssh-aix) and
a downloaded OpenSSL 0.9.7g RPM package. It ran fine until I recently
applied maintenance, bringing the box to 5.3.03 from 5.3.01. Now SSH
hangs during login, apparently during X11 authentication. (I see
"/usr/bin/X11/xauth -q -" in the process list.) I do not normally use
X, but we leave it enabled for users. If I unset the DISPLAY variable
before issuing the ssh command, the login proceeds normally - no
problems.
When I login with a remote shell, whether from another AIX box or via
Putty from my desktop, the session usually just hangs and never
recovers - no error messages or anything. Occasionaly it only hangs
for about 30 seconds before giving me the following error, and then I
finally get logged in:
/usr/bin/X11/xauth: 1356-361 Timeout in locking authority file
/home/sbassle/.Xauthority.
When I run remote commands or scripts, the session always hangs and
never recovers. If I press ctrl-c I get kicked out. If I'm logged in
with another session and kill the xauth process, the login continues
and the command runs successfully. BTW, before I do this, I can see
files .Xauthority-c and .Xauthority-l in my home directory, both with 0
bytes.
Here's some verbose output from: "ssh -vvv <server name> ls -l":
...
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/sbassle/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug2: input_userauth_pk_ok: fp
71:0d:30:3b:af:92:ab:a6:35:a5:5c:24:66:19:9a:e6
debug3: sign_and_send_pubkey
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug2: x11_get_proto: /usr/bin/X11/xauth -f
/tmp/ssh-FjJVe44028/xauthfile generate unix:10.0 MIT-MAGIC-COOKIE-1
untrusted timeout 1200 2>/dev/null
debug2: x11_get_proto: /usr/bin/X11/xauth list unix:10.0 . 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-ag...@openssh.com
debug1: Sending command: ls -l
debug2: channel 0: request exec
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
At this point, the login hangs forever, or at least longer than 20
minutes, at which time I pressed ctrl-c and received the following:
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i0/0 o0/0 fd 4/5)
debug3: channel 0: close_fds r 4 w 5 e 6
Killed by signal 2.
Running the same command to connect to an AIX 5.2 box running
openSSH_3.8.1.p1 produces exactly the same results up to the point of
the hang, then continues with:
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
-- "ls -l" command output here...
debug3: channel 0: will not send data after close
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1)
debug3: channel 0: close_fds r -1 w -1 e 6
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 6.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
In sshd_config, I have the following options turned on:
Protocol 2
PermitRootLogin no
X11Forwarding yes
Compression no
In ssh_config, I have the following options turned on:
ForwardAgent yes
ForwardX11 yes
Protocol 2
I don't believe I can roll this out to users until I get this resolved,
so I would really appreciate any help. Thanks!
Steve
George Baltz
> I have an AIX 5.3 server running openSSH 4.1p1 from IBM's "OpenSSH on AIX"
> sourceforge site (http://sourceforge.net/projects/openssh-aix) and a
> downloaded OpenSSL 0.9.7g RPM package. It ran fine until I recently
> applied maintenance, bringing the box to 5.3.03 from 5.3.01. Now SSH
> hangs during login, apparently during X11 authentication. (I see
> "/usr/bin/X11/xauth -q -" in the process list.) I do not normally use X,
> but we leave it enabled for users. If I unset the DISPLAY variable before
> issuing the ssh command, the login proceeds normally - no problems.
>
> When I login with a remote shell, whether from another AIX box or via
> Putty from my desktop, the session usually just hangs and never recovers -
> no error messages or anything. Occasionaly it only hangs for about 30
> seconds before giving me the following error, and then I finally get
> logged in:
> /usr/bin/X11/xauth: 1356-361 Timeout in locking authority file
> /home/sbassle/.Xauthority.
This is a known bug in ML03 - see APAR IY76807.
<snipage>
> I don't believe I can roll this out to users until I get this resolved, so
> I would really appreciate any help. Thanks! Steve
--
George Baltz N3GB
Computer Sciences Corp Rule of thumb: ANYthing offered
@NOAA/NESDIS/IPD by unsolicited email is a hoax,
Suitland, MD 20746 ripoff, scam or outright fraud.
Steve
Thanks!
Steve