Bug 1662189

Summary: ssh is failing to export the display variable when configured vi /etc/sysctl.conf
Product: Red Hat Enterprise Linux 8 Reporter: vinay <vchoudha>
Component: opensshAssignee: Jakub Jelen <jjelen>
Status: CLOSED ERRATA QA Contact: Ondrej Moriš <omoris>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.1CC: omoris, riehecky, szidek, vpakolu
Target Milestone: rcKeywords: Triaged
Target Release: 8.0Flags: jruemker: mirror+
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssh-8.0p1-5.el8 Doc Type: Bug Fix
Doc Text:
Cause: Bug in X11 display binding when IPv6 is disabled. Consequence: The X11 forwarding was failing if IPv6 was disabled. Fix: The ssh no longer fails if the (IPv6) address is not available. Result: SSH is able to initialize X11 forwarding in networks where IPv6 is disabled.
 Story Points: ---
Clone Of: 1489013 Environment:
Last Closed: 2020-11-04 01:31:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1489013    
Bug Blocks: 1594286, 1679810    

Comment 14 Ondrej Moriš 2020-04-02 10:42:45 UTC 
Successfully reproduced and verified.

OLD (openssh-8.0p1-4.el8_1)
===========================
$ ssh -X root.lab.eng.bos.redhat.com
X11 forwarding request failed on channel 0

# sysctl -a | grep disable_ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.ens3.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.virbr0.disable_ipv6 = 1
net.ipv6.conf.virbr0-nic.disable_ipv6 = 1

# echo $DISPLAY

# xterm 
Warning: This program is an suid-root program or is being run by the root user.
The full text of the error or warning message cannot be safely formatted
in this environment. You may get a more descriptive message by running the
program as a non-root user or by removing the suid bit on the executable.
xterm: Xt error: Can't open display: %s
xterm: DISPLAY is not set

# netstat --numeric-ports | grep localhost

NEW (openssh-8.0p1-5.el8)
=========================
$ ssh -X root.lab.eng.bos.redhat.com

# sysctl -a | grep disable_ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.ens3.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.virbr0.disable_ipv6 = 1
net.ipv6.conf.virbr0-nic.disable_ipv6 = 1

# echo $DISPLAY
localhost:10.0

# xterm 
xterm: cannot load font "-Misc-Fixed-medium-R-*-*-13-120-75-75-C-120-ISO10646-1"
xterm: cannot load font "-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso10646-1"
<running>

# netstat --numeric-ports | grep localhost
tcp        0      0 localhost:6010          localhost:35032         ESTABLISHED
tcp        0      0 localhost:35032         localhost:6010          ESTABLISHED
Comment 17 errata-xmlrpc 2020-11-04 01:31:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openssh bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4439