1361059969 Q * hparker Server closed connection
1361059987 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647
1361062513 Q * micah Server closed connection
1361062516 J * micah ~micah@micah.riseup.net
1361062801 Q * FIChTe Server closed connection
1361062843 J * FIChTe ~fichte@bashpipe.de
1361063140 N * Bertl_zZ Bertl
1361063143 M * Bertl back now ...
1361065121 J * chrissbx ~chrissbx@213.205.228.212
1361065228 M * chrissbx Hello. I've got a machine with 3 vserver guests: one is called t3 running Debian stable (and running X, used as my GUI to everything), one is called gam and also running Debian stable, and one is called tes, running Debian testing.
1361065253 M * chrissbx I can use ssh -X or ssh -Y to log into gam and have it display stuff in t3; but the same doesn't hold true for tes.
1361065323 M * chrissbx sshd_config in both gam and tes have: X11Forwarding yes, and X11DisplayOffset 10 or 12 or 15 (originally both were on 10, then I changed them to 12 and 15, gam still works, tes still doesn't)
1361065327 M * chrissbx Any ideas?
1361065364 M * chrissbx ssh client config doesn't have anything re X11 other than globally: ForwardX11Trusted no
1361066293 M * Bertl what does 'xauth list' show?
1361066310 M * chrissbx tes/unix:10  MIT-MAGIC-COOKIE-1  9ba6e28da060a7be00b66687ff0b2d83
1361066384 M * chrissbx A long time ago, I wrote a wrapper around xauth that s/unix/localhost/; that was necessary to get it to work like 5 years ago.
1361066410 M * chrissbx But Debian Squeeze at least worked without that hack. And in fact neither tes nor gam have this wrapper installed.
1361066420 M * chrissbx I've now tried with the wrapper, but it doesn't help.
1361066442 M * Bertl and 'echo $DISPLAY' ?
1361066455 M * chrissbx Matches whatever is shown in xauth list.
1361066469 M * chrissbx i.e. localhost:12.0 now that I have the wrapper
1361066538 M * Bertl so, you have an entry for tes/unix:10 but you connect to localhost:12.0 ?
1361066567 M * chrissbx No, now with the wrapper I've got two entries like: localhost:12  MIT-MAGIC-COOKIE-1  25166e9c9bc9a49028730509717920c4
1361066599 M * chrissbx Before the wrapper I've had the one with 'unix' in it, and DISPLAY matched it.
1361066616 M * chrissbx I wonder why I've got a double entry of the above now, strange.
1361066618 M * Bertl so why is display different now?
1361066656 M * chrissbx Because of the wrapper
1361066661 M * Bertl anyway, I suspect something at the ssh layer
1361066671 M * chrissbx (let me see whether I've got it online)
1361066676 M * Bertl so my suggestion is, enable debugging in sshd
1361066723 M * Bertl start with the client (that's easier to do) and if that doesn't shed some light on the issue, run the server (sshd) in debug mode
1361066900 M * chrissbx What am I looking for?.. BTW, I changed the X11DisplayOffset to 12 in sshd_config; I've never cared about those, it always worked. Just mentioning. Didn't help anyway.
1361067131 M * chrissbx Neither the client nor the server say anything when trying to open an X11 connection; I guess it just fails authentication with the X server.
1361067208 M * chrissbx client: Running /usr/bin/xauth remove unix:12.0
1361067208 M * chrissbx /usr/bin/xauth add unix:12.0 MIT-MAGIC-COOKIE-1 f7d60c2be76ae883f4429728a3f6adbd
1361067231 M * chrissbx after  debug1: Requesting X11 forwarding with authentication spoofing.
1361067262 M * chrissbx Well going to make a diff of the output between gam and tes.
1361067298 M * Bertl note that the client doesn't have all information, so if that is inconclusive, check the server (sshd)
1361067315 M * chrissbx I did, not seeing anything suspicious.
1361067613 M * chrissbx I don't find any real difference in either sshd -d nor ssh -vvv log output between gam and tes.
1361067763 M * chrissbx Different protocol versions, child pid, ip and source port, oom_adj value, authorized_keys file lines, /dev/pts/X number, and tes has [preauth] added to many messages (seems they added this to sshd)
1361067794 M * chrissbx And gam has a line "Failed none for chris from 192.168.4.101 port 58270 ssh2"
1361067800 M * chrissbx which doesn't appear in tes.
1361067823 M * chrissbx Note that gam is the one that works, in spite of that "failure" (because? or was that just removed from sshd)
1361067832 M * Bertl anything in the authlogs?
1361067895 M * chrissbx Also client side log output has one change aside version number and more ciphers and hashes:
1361067902 M * chrissbx debug2: dh_gen_key: priv key bits set: 130/256
1361067902 M * chrissbx debug2: bits set: 505/1024
1361067903 M * chrissbx versus
1361067909 M * chrissbx debug2: dh_gen_key: priv key bits set: 123/256
1361067909 M * chrissbx debug2: bits set: 522/1024
1361067922 M * chrissbx whatever that means.
1361067928 M * chrissbx Going to check auth.log
1361068091 M * chrissbx Nope, totally normal (only 2 lines, "Accepted publickey for chris from.." and "pam_unix(sshd:session): session opened for user chris.."
1361068222 M * Bertl what is logged by ssh/sshd (debug mode) when you run an x11 app (e.g. xclock)?
1361068256 M * chrissbx (I can 'telnet 127.0.0.1 6012' from a separate login within tes, type some garbage, and get 'X11 connection rejected because of wrong authentication.' printed by the terminal carrying the ssh login.)
1361068274 M * chrissbx Nothing is logged by neither when I start an X app.
1361068298 M * Bertl and localhost/tes does point to 127.0.0.1 yes?
1361068331 M * chrissbx oh, good question:
1361068333 M * chrissbx tes:~# telnet localhost 6012
1361068333 M * chrissbx Trying 10.0.1.105...
1361068333 M * chrissbx Trying ::1...
1361068333 M * chrissbx telnet: Unable to connect to remote host: Address family not supported by protocol
1361068356 M * Bertl so, that looks like your problem then
1361068441 M * chrissbx Well, now it says chris@tes:~$ xmessage fe
1361068441 M * chrissbx X11 connection rejected because of wrong authentication.
1361068441 M * chrissbx Error: Can't open display: localhost:12.0
1361068453 M * chrissbx Going to try without the wrapper.
1361068473 M * chrissbx That works.
1361068530 M * Bertl there you go
1361068535 M * chrissbx Wow. So, ssh went from needing my hack, to not needing anything and working with the 'real' locally assigned IP for localhost, to needing my wrapper *not* to be present and needing localhost resolve to 127.0.0.1
1361068558 M * chrissbx And that in spite of xauth list saying tes/unix:12 and nothing of localhost.
1361068565 M * chrissbx Why localhost plays into this is beyond me.
1361068611 M * chrissbx I guess, when it started working without my wrapper that they went to connect to localhost in spite of it saying "unix".
1361068625 M * chrissbx And now they changed it to looking up localhost in /etc/hosts instead of hard coding it.
1361068655 M * chrissbx In any case, thanks for your help!
1361068783 M * Bertl debian is a mystery (at least to me :) and you're welcome!
1361073578 J * neofutur neofutur@gemelos.ww7.be
1361073949 M * Bertl off for a nap .. bbl
1361073953 N * Bertl Bertl_zZ
1361078538 Q * clopez Ping timeout: 480 seconds
1361079265 Q * ensc Server closed connection
1361079274 J * ensc ~irc-ensc@p54ADE90D.dip.t-dialin.net
1361079313 Q * ircuser-1 Server closed connection
1361079334 J * ircuser-1 ~ircuser-1@35.222-62-69.ftth.swbr.surewest.net
1361079452 Q * chrissbx Quit: Leaving
1361084658 N * Bertl_zZ Bertl
1361084663 M * Bertl back again ...
1361090367 J * bonbons ~bonbons@2001:a18:20a:1601:388b:a94b:d092:39ea
1361090928 J * _WildPikachu_ ~nkukard@196-210-205-18.dynamic.isadsl.co.za
1361091068 Q * nkukard_ Ping timeout: 480 seconds
1361091982 J * thierryp ~thierry@home.parmentelat.net
1361092145 Q * thierryp Remote host closed the connection
1361092271 J * thierryp_ ~thierry@2a01:e35:2e2b:e2c0:5dd5:6336:4620:8bef
1361092754 Q * thierryp_ Ping timeout: 480 seconds
1361098803 Q * fisted Remote host closed the connection
1361098871 J * fisted ~fisted@xdsl-84-44-239-208.netcologne.de
1361104171 Q * ircuser-1 Ping timeout: 480 seconds
1361104373 J * thierryp ~thierry@home.parmentelat.net
1361104675 Q * thierryp Remote host closed the connection
1361105120 Q * FIChTe Ping timeout: 480 seconds
1361105130 J * fichte` ~fichte@bashpipe.de
1361105231 Q * FloodServ reticulum.oftc.net charon.oftc.net
1361105300 J * FloodServ services@services.oftc.net
1361105316 P * FloodServ 
1361105410 T * ChanServ http://linux-vserver.org/ |stable 3.6.x-vs2.3.x|util-vserver-0.30.216-pre3038| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute.
1361105410 J * FloodServ services@services.oftc.net
1361106580 J * tokkee tokkee@osprey.tokkee.org
1361106862 N * ensc Guest2081
1361106872 J * ensc ~irc-ensc@p54ADEE91.dip.t-dialin.net
1361107275 Q * Guest2081 Ping timeout: 480 seconds
1361113897 M * Bertl off to bed now ... have a good one everyone!
1361113901 N * Bertl Bertl_zZ
1361114832 J * BenG ~bengreen@cpc35-aztw23-2-0-cust207.18-1.cable.virginmedia.com
1361114837 J * ircuser-1 ~ircuser-1@35.222-62-69.ftth.swbr.surewest.net
1361115802 J * thierryp ~thierry@2a01:e35:2e2b:e2c0:6dd0:9811:4557:4c2e
1361115812 Q * thierryp Remote host closed the connection
1361121253 Q * BenG Quit: I Leave
1361123070 Q * BlackPanx Ping timeout: 480 seconds
1361125201 Q * fisted Quit: brb
1361125360 J * fisted ~fisted@xdsl-84-44-239-208.netcologne.de
1361129442 J * hijacker_ ~hijacker@cable-84-43-134-121.mnet.bg
1361131550 J * Ghislain ~aqueos@adsl1.aqueos.com
1361131856 Q * cuba33ci Read error: Connection reset by peer
1361131950 J * cuba33ci ~cuba33ci@114-36-231-175.dynamic.hinet.net
1361132567 Q * Ghislain Quit: Leaving.
1361136458 Q * hijacker_ Quit: Leaving
1361139008 Q * bonbons Quit: Leaving
1361142003 Q * fisted Remote host closed the connection
1361142068 J * fisted ~fisted@xdsl-78-35-80-214.netcologne.de