X11 Forwarding Broken on Solaris

If you’re running Solaris 8 or 9 and an upgrade results in broken SSH X11 forwarding, the problem may be Sun’s socfs bug. The symptom will be SSH’s failure to set the $DISPLAY variable and an error in your system log looking something like this:

Jun 3 09:40:24 servername sshd[26432]: [ID 800057 auth.error] error: Failed to allocate internet-domain X11 display socket.

To fix this, you can either install Sun’s latest socfs patch for your version of the OS, or simply force sshd into IPv4 mode by doing the following:

Edit you sshd_config file, adding the following:

# IPv4 only
ListenAddress 0.0.0.0

Edit your sshd startup script to issue a “-4″ to sshd on start:

case "$1" in
'start')
echo 'starting ssh daemon'
/usr/local/sbin/sshd -4
;;

Restart sshd, and that should pretty much do it… Enjoy.

5 thoughts on “X11 Forwarding Broken on Solaris

  1. This appears to also affect Solaris 10. To work around the issue in 10 simply edit /lib/svc/method/sshd and append the ‘-4′ to the start function. once the file is saved simply issue ‘svcadm restart ssh’

  2. THANK YOU!!!! I dont have a cd/dvd drive on my sun netra x1 so a reinstall is pretty much a no go. You saved my system!

  3. Current patch created the problem for systems what only use IPv4. The solution, until a binary resolution is provided, is to config up an IPv6 localhost interface as such:

    ifconfig lo0 inet6 plumb up

    Which brings up:

    lo0: flags=2002000849 mtu 8252 index 1
    inet6 ::1/128

    Ensure the /etc/hosts as the following entry as well:

    ::1 localhost

    This will bring up a ipv6 localhost interface, which allows the forwarding over X11 to operate without a problem. Recycle the ssh daemon and it should work without a problem.

  4. I have just spent the better part of a long day and late night trying to get SSH set up on a *very old* Solaris 8 server (without the /dev/random patch) for X11 tunneling. Finally got SSHd working with PRNGd only to find out $DISPLAY was not being forwarded… ARGH! After checking all the usual stuff and a *lot* of head scratching, I finally stumbled on this after checking the logs and seeing the “Failed to allocate…” error. Followed your suggestion and ‘voila’ problem solved. A big THANKYOU! – Now time for a cold one! :-)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>