IBM Support

AIX X11: SSH X11 Forwarding xauth might not run with custom sshrc scripts

Question & Answer


Question

I enabled X11 forwarding with SSH.  The DISPLAY is automatically set to localhost:10 as expected. However, the xauth command does not run.

Cause

The Thales CipherTrust Transparent Encryption File System Agent (CTE) file set, vee.fs, created an empty /etc/ssh/sshrc file, which does not call xauth.
*Note:  any application or user could create this /etc/ssh/sshrc, or ~/.ssh/rc.

Answer

If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment files but before starting the user's shell or command. It must not produce any output on stdout; stderr must be used instead. If X11 forwarding is in use, it will receive the "proto cookie" pair in its standard input (and DISPLAY in its environment). The script must call xauth(1) because sshd will not run xauth automatically to add X11 cookies.
Solution:  Remove the file, or add xauth to the scripts. IBM AIX Support is not able to state whether this empty file is required for the CTE Agent. Users should consult with the provider of the vee.fs file set for clarification about this empty file.
SUPPORT

If you require more assistance, use the following step-by-step instructions to contact IBM to open a case for software with an active and valid support contract.  

1.  Document (or collect screen captures of) all symptoms, errors, and messages related to your issue.

2.  Capture any logs or data relevant to the situation.

3.  Contact IBM to open a case:

   -For electronic support, see the IBM Support Community:
     https://www.ibm.com/mysupport
   -If you require telephone support, see the web page:
      https://www.ibm.com/planetwide/

4.  Provide a clear, concise description of the issue.

5.  If the system is accessible, collect a system snap, and upload all of the details and data for your case.

 - For guidance, see: Working with IBM AIX Support: Collecting snap data

[{"Type":"MASTER","Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"ARM Category":[{"code":"a8m0z000000cw2mAAA","label":"Desktop->X11 Clients"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"}],"Version":"All Versions"}]

Document Information

Modified date:
17 September 2021

UID

ibm16490369

Page Feedback