There is a long and detailed discussion of this problem in Red Hat Bugzilla under https://bugzilla.redhat.com/show_bug.cgi?id=505545 Short problem description: ========================== If using GDM with XDMCP, then ssh is not able to start X11 clients on the remote side. You get a "No xauth data; using fake authentication data for X11 forwarding." from SSH. Detailed problem description: ============================= The problem is, that xauth is unable to deal with the Family "FamilyWild" which is used by GDM in XDMCP to store the MIT-MAGIC-COOKIE-1 for the user. This results in SSH not being able to get the MIT-MAGIC-COOKIE-1 of the user, because "xauth list $DISPLAY" does not match the DISPLAY (because it does not understand FamilyWild). This results in SSH not being able to ForwardX11 and therefore no X11 client could be started on the remote side. Solution: ========= I developed a patch to improve xauth to handle FamilyWild. I will submit this patch using GIT in a moment.
Created attachment 54022 [details] [review] Patch to improve xauth to handle FamilyWild
Please send your patch to the xorg-devel list for review
Since we are hitting the same issue, what is the status of this bug?
I sent it to the list and there was a remark about a memory leak. This is probably true, but I do not think, that this is too important, because xauth runs only for a fraction of a second, and does not collect memory like a daemon. However, I offer to look into the memory leak and update the patch if there is a chance of the patch beeing accepted. An alternative could be for the xauth authors to implement FamilyWild on their own.
(In reply to comment #4) > An alternative could be for the xauth authors to implement FamilyWild on their > own. The xauth authors haven't worked on xauth in over a decade. X.Org developers maintain it in their spare time, but waiting for us to decide to work on a problem caused by other programs putting unexpected data in the auth file may not be a quick process.
Created attachment 65284 [details] [review] improve xauth to handle FamilyWild An updated version of the orignal patch: - free host an rest on failed parse_displayname(), avoids memleak - reformat memcmp in match_authwild_dpy(), easier to read This is against xauth-1.0.7
Comment on attachment 65284 [details] [review] improve xauth to handle FamilyWild Review of attachment 65284 [details] [review]: ----------------------------------------------------------------- Looks good. :-)
Fixed in xauth-1.0.8 released today.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.