Subject: Re: SSH X11 forwarding crashes clients.
To: None <>
From: Ben Harris <>
List: current-users
Date: 12/06/2005 22:03:25
In article <> you write:
> (and others, with the same content):
>> Yes.  "X11 Security extensions" is the culprit.  Take a look at
>> the -Y flag in the ssh client manual page, or possibly the
>> ForwardX11Trusted directive the the ssh_config(5) page.
>Ah. Works. Thank you, Jarle and others, who all pointed this out to me.
>Would it too much asking that somone with the right clue and CVS bits
>inject some code, so that ssh produces an error message that is
>slightly more informative than the
>  X protocol error: BadWindow (invalid Window parameter) on protocol
>  request 38
>one gets from the X11 application on the remote side? *PLEASE*!?

It probably would.  As I understand it, all that ssh does is to ask the X
server for an untrusted cookie when setting up X forwarding.  It's then the
X server that gives the BadWindow error to the X client, in response to
which the X client closes the X connection.  For ssh to detect this, it
would have to parse all of the X protocol requests going past and detect
when the X server returned an error that it wouldn't have returned if the
cookie had been a trusted one.  It's possible it might even need to detect
whether the X client was planning to close the connection as a result (since
a clever client might be able to work around the problem).

Of course, my understanding could be incorrect -- the ssh manual page wasn't
very clear last time I looked.

>How about: "Untrusted X11 client terminated. See ssh -Y flag." in the
>ssh client end? Yes I understand that there are problems with the fact
>that the X application doesn't have a direct relationship with SSH,
>but still - ssh terminates the X11 session,

What makes you think this?

Ben Harris