SSH -X "Warning: untrusted X11 forwarding setup failed: xauth key data not generated"

Hey I'm having an issue getting ssh X forwarding to work. The setup is I'm sshing into my ubuntu VM off OSX Yosemite host machine.

I already installed xQuartz on OSX, xauth on ubuntu, and I believe I've have all the correct options set in ssh_config files.

I get the 

Warning: untrusted X11 forwarding setup failed: xauth key data not generated
X11 forwarding request failed on channel 0

message when opening a connection with ssh -X, and when I tried to run an X application:

xterm: Xt error: Can't open display:
xterm: DISPLAY is not set

I have the identical setup on my other machine except running Mavericks and it works fine, is there something specific to Yosemite specific I have to worry about?

94633 次浏览
小开

I received the same warning as you after upgrading to Yosemite. After I added ForwardX11Trusted yes in my ~/.ssh/config file, the warning disappeared.

Do you have the following lines in your ~/.ssh/config file for enabling Trusted X11 forwarding?

Host APPROPRIATE_HOSTNAME
ForwardX11Trusted yes
ForwardX11 yes
OTHER_OPTIONS
小开

ForwardX11Trusted is required even for connections you think are untrusted when your X server doesn't have the SECURITY extension (Apple servers have a ton of visuals that take up over 100 lines, so I suggest "xdpyinfo | grep SECURITY" to check; if that returns no output, you don't have it). There may be other reasons and exceptions, but this worked for me.

小开

On macOS Sierra, I now have to do ssh -Y instead of ssh -X to get a display from a linux machine to work on my Mac.

小开

I've just downloaded the latest X11 version and it worked again

小开

I already had the latest XQuartz 2.7.11 installed, but I think I've also updated the OS a few times since then. I reinstalled XQuartz 2.7.11, and now it is working fine.

小开

When you login the cluster, do not use -X or -Y options.

Example: 

ssh -Y remotelogin: gives me X11 related warning.

ssh remotelogin: No warning, works fine.

小开

Note that some incomplete answers might lead to security flaws.

  1. Using ssh -Y means here having fake xauth information which is bad!
  2. ssh -X should work since XQuartz, once enabled, uses xauth. The only problem is that ssh is looking for xauth in /usr/X11R6/bin and on macOS with XQuartz it is in /opt/X11/bin

Secure solution:

  1. Enable the first option in the Security tab of preferences (Cmd-,) which enables authenticated connections.

  2. Edit ~/.ssh/config, add XAuthLocation /opt/X11/bin/xauth to the host config.

  3. ssh -X your_server works in a secure manner.

  4. Ensure xauth is installed on the destination host.

小开

Gilles Gouaillardet has the answer that solved this for me. Edit ~/.ssh/config to contain

Host *
XAuthLocation /opt/X11/bin/xauth

and ssh -X hostname now works (XQuartz 2.7.11, macOS 10.4 Mojave)

小开

I just hit this issue using Mac OS X 10.6.8 to Linux Debian 9. None of the solutions provided worked.

Root cause was: loopback interface was "DOWN" on the target Linux host.

I had to type the following on the target host to fix the issue

ip link set lo up

小开

Same as answered by user Xvalidated above. but there was no ssh_config file in my .ssh directory. 1. copy ./etc/ssh_config to ~/.ssh/ #file if not there 2. edit Host hostname ForwardX11Trusted yes ForwardX11 yes

  1. As answered before, I would like to add one more thing which will work to reinstall X-supporting software.

提交答案