19

I have an unfortunate problem when making ssh connections from Fedora 23 to Centos 7. The commands ssh -X user@centos7 and ssh -Y user@centos7 both print Warning: No xauth data; using fake authentication data for X11 forwarding.

Googling shows to add the following lines to /etc/ssh/ssh_config:

Host *
    ForwardX11Trusted yes
    ForwardAgend yes
    ForwardX11 yes

But this didn't make the warning message go away.

nmgeek
  • 2,127
  • 1
  • 23
  • 31
A. Koenig
  • 191
  • 1
  • 1
  • 4

4 Answers4

23

For me this issue was caused by my Fedora system not having an ~/.Xauthority file.

I created one by executing the following commands on my Fedora system (Client machine):

xauth add :0 . `mcookie`
HeatfanJohn
  • 7,143
  • 2
  • 35
  • 41
  • 4
    More straightforwardly: `xauth generate :0 .` – Lutz Prechelt Dec 19 '18 at 10:11
  • this does remove the warning, my system is `5.2.15-200.fc30.x86_64` – Gang Mar 30 '20 at 18:55
  • 6
    I case it isn't obvious (I made this mistake) - you need to run this on the **client**. – sandyscott May 11 '20 at 20:53
  • 1
    A hand trace of file clientloop.c from openssh-portable shows that the message depends on the client only. ssh runs "xauth list 127.0.0.1:0.0" locally. clientloop.c prints the warning message if xauth returns no data or error. Creating .Xauthority, as HeatfanJohn mentions, clears the warning. – Brian Fitzgerald Nov 12 '20 at 04:07
  • 1
    The first comment did not work: $xauth generate :0 . xauth: file /home/XXX/.Xauthority does not exist xauth: (argv):1: couldn't query Security extension on display ":0" $xauth add :0 . `mcookie` works. – fchen Jan 03 '22 at 17:26
11

Letting Ubuntu bash on Windows 10 run ssh -X to get a GUI environment on a remote server

  • First

Install all of the following. On Windows, install an X server, e.g.Xming. On Ubuntu bash, use sudo apt install to install ssh xauth xorg.

sudo apt install ssh xauth xorg
  • Second

Go to the folder contains ssh_config file, mine is /etc/ssh.

  • Third

Edit ssh_config as administrator(USE sudo). Inside ssh_config, remove the hash # in the lines ForwardAgent, ForwardX11, ForwardX11Trusted, and set the corresponding arguments to yes.

# /etc/ssh/ssh_config

Host *
    ForwardAgent yes
    ForwardX11 yes
    ForwardX11Trusted yes
  • Fourth

In ssh_config file, remove the front hash # before Port 22 and Protocol 2, and also append a new line at the end of the file to state the xauth file location, XauthLocation /usr/bin/xauth, remember write your own path of xauth file.

# /etc/ssh/ssh_config

#   IdentifyFile ...
    Port 22
    Protocol 2
#   Cipher 3des
#   ...
#   ...
    ...
    ...
    GSSAPIDelegateCredentials no
    XauthLocation /usr/bin/xauth
  • Fifth

Now, since we are done editing the ssh_config file, save it when we leave the editor. Now go to folder ~ or $HOME, append export DISPLAY=localhost:0 to your .bashrc file and save it.

# ~/.bashrc
...
...
export DISPLAY=localhost:0
  • Last

We are almost done. Restart your bash shell, open your Xming program and use ssh -X yourusername@yourhost. Then enjoy the GUI environment.

ssh -X yourusername@yourhost

The problem is also in Ubuntu subsystem on Windows, and the link is at

https://gist.github.com/DestinyOne/f236f71b9cdecd349507dfe90ebae776

Wil
  • 5
  • 4
DestinyOne
  • 235
  • 2
  • 7
  • Hahahah this is literally what I am doing, thanks mate! – Ordiel Nov 15 '17 at 17:54
  • Do not forget `DISPLAY=localhost:0`. Putting `DISPLAY=:0` breaks Cygwin ssh + VnXsrv. – gavenkoa Oct 02 '18 at 20:29
  • 1
    For WSL, although you will be able to have successful X11 forwarding, you will still get a myriad of annoying messages about having to fake xauth credentials and other anomalous messages. Put `alias sshx="export DISPLAY=localhost:0; ssh -X"` in your `~/.bash_aliases`, source the file in your `~/.bashrc` (do all of this instead of exporting the `DISPLAY` environmental variable directly to your `~/.bashrc`). Then, use tmux and use `sshx username@remote_host`. When you are done, close out or detach that tmux session and you won't get those annoying messages when you are just using WSL. – ansebbian0 Apr 11 '19 at 15:22
9

See https://serverfault.com/a/859370/423488

You might have to add a line like this to /etc/ssh/ssh_config of the client system:

XAuthLocation /opt/X11/bin/xauth

But use the actual path to the xauth program on your client system (where your client system is the one you are running ssh from). You can find the path to xauth with this command:

which xauth
nmgeek
  • 2,127
  • 1
  • 23
  • 31
-3

Pipe stderr to a subshell that filters out the message with this incantation:

ssh yourusername@yourhost commandToRun 2> >( sed '/Warning: No xauth data/d')

Nothing to install, nothing to configure, nothing can go wrong!

Mike Slinn
  • 7,705
  • 5
  • 51
  • 85