# ssh -X untrusted X11 forwarding setup failed, no auth data

## rockdragon

Hi @all

ssh&xauth issues aren't quite new I know, but even after searching some threads I still didn't found what I'm looking for.

I want to use ssh -X (not ssh -Y, which works! Main reason: I don't want remote X apps to temper with my controls) to start X applications remotly on my gentoo box.

But every time i logged in, I got these

```

Warning: untrusted X11 forwarding setup failed: xauth key data not generated

Warning: No xauth data; using fake authentication data for X11 forwarding.

```

messages.

running ssh -vvv -X remotehost reveals 

```

debug2: x11_get_proto: /usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null

Warning: untrusted X11 forwarding setup failed: xauth key data not generated

Warning: No xauth data; using fake authentication data for X11 forwarding.

```

the xauth call seems to fail, so I tried (not knowing if thats the right way to solve this..)

```

$/usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200

$/usr/bin/xauth:  error in locking authority file /tmp/ssh-iEnVnh4826/xauthfile

```

however:

```

$mkdir /tmp/ssh-iEnVnh4826/         

$/usr/bin/xauth -f /tmp/ssh-iEnVnh4826/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200

/usr/bin/xauth:  creating new authority file /tmp/ssh-iEnVnh4826/xauthfile

/usr/bin/xauth: (argv):1:  couldn't query Security extension on display ":0.0"

```

After typing this post, I finally found a bug report discussing just my Problem  :Smile: 

https://bugs.gentoo.org/237778

So it seems the untrusted clients functionality is broken (unsafe hashs, whatever...) and the Xserver - "Security extensions" are disabled by default by the gentoo developers. 

So its still ssh -Y after all. 

good day

----------

