X forwarding suddenly failing over ssh

Hi,
I have an Ultra 20 running solaris 10, and recently started using the patch manager thingy to update my machine automatically. Well, one of those patches botched X11 forwarding over ssh, with the following error message delivered to the client:
==================
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
connect /tmp/.X11-unix/X0: Not a directory
X connection to localhost:10.0 broken (explicit kill or server shutdown).
==================
Looking at this file, i see this:
==================
pwd/tmp/.X11-unix
ls -FCltotal 0
srwxrwxrwx 1 root root 0 Oct 12 19:31 X0=
==================
Which looks more or less correct for a socket. (doing just a plain "ls" returns "X0", and not "X0=").
When run in debug mode, sshd gives this:
==================
debug1: X11 connection requested.
debug1: channel 3: new [X11 connection from ::1 port 33274]
channel 3: open failed: administratively prohibited: open failed
debug1: channel 3: free: X11 connection from ::1 port 33274, nchannels 4
==================
This was working perfectly for a long time, and I don't even know which patch it was that caused the problem.
Help! I can't stand developing with VI any more! Must run xemacs...
Thanks,
Ben

Hello.
With my old computer I managed to display this screen on a Windows X client using XDM. On my new machine I did not manage this because dtgreet does not work on remote machines when having installed the latest patches.
Using SSH it is not possible to show this screen at all.
If it was possible with another version of dtgreet you had to log-in as "root" using SSH (it would not work with another user) which is a problem because SSH typically denies root access.
The question is: Why do you wish to show this display on the remote machine? Maybe there is a better way to archieve the goal you actually want.
Martin

Similar Messages

Forwarding login screen over SSH

Hi,
I am trying to forward my Solaris login screen to my PC running an X server. I want to forward the login screen that says
"Welcome to <hostname>
Solaris
Please enter your user name"
How do I go about this? What is the file in Soalris that boots this screen on start up? I can forward a CDE session to my PC, but I dont want to do that. I need this login screen.
Appreciate the help guys,
David.

Hello.
With my old computer I managed to display this screen on a Windows X client using XDM. On my new machine I did not manage this because dtgreet does not work on remote machines when having installed the latest patches.
Using SSH it is not possible to show this screen at all.
If it was possible with another version of dtgreet you had to log-in as "root" using SSH (it would not work with another user) which is a problem because SSH typically denies root access.
The question is: Why do you wish to show this display on the remote machine? Maybe there is a better way to archieve the goal you actually want.
Martin

Can't forward X over ssh anymore

I'm not really getting any error messages, it only says "can't open display" when I try to lauch an app. Everything seems okay using -vv to get info:
debug1: Requesting X11 forwarding with authentication spoofing.
then it just logs in without any error.
I moved the ~/.Xauthority on the client machine, and then got this error - i wonder if has something to do with the .Xauthority?
Warning: No xauth data; using fake authentication data for X11 forwarding.
I can ssh into a fedora box and launch apps, but not arch. Anyone have a suggestion of where I can start looking? Xorg.log is also giving absolutely nothing.

sinister99 wrote:
slackhack wrote:
I think I got it. Add this line (or uncomment) to /etc/ssh/sshd_config, and restart the daemon:
X11UseLocalhost yes
Didn't work for me; are you connecting to another box, or are you on the same computer?
i'm on my laptop, connecting to my desktop. uncomment the line on the server box and restart the daemon, if that's not what you did.
also do echo $DISPLAY on the client (i think it should be something like :0.0), and on the server when you log in with X forwarded (should be a higher number, like :10.0).
also, make sure to run ssh with -vv flags to see if you get any error messages.

VSS fail over

Morning,
Im just going through testing VSS on 2*4500x, when i pull the power from the Standby or Active unit the host's see a 6 ping drop out.
Am i expecting to much by having 0 loss or have i missed some fail over configuration?
Many thanks for any help.
I can post config if needed.
S

sh run
Building configuration...
Current configuration : 16559 bytes
! Last configuration change at 06:10:42 UTC Fri Apr 11 2014
version 15.1
no service pad
service timestamps debug datetime
service timestamps log datetime
service password-encryption
service compress-config
service sequence-numbers
hostname VSScore
boot-start-marker
boot system flash bootflash:cat4500e-universalk9.SPA.03.04.02.SG.151-2.SG2.bin
boot-end-marker
vrf definition mgmtVrf
address-family ipv4
exit-address-family
address-family ipv6
exit-address-family
enable secret
username
aaa new-model
aaa authentication login CONSOLE local
aaa session-id common
clock summer-time UTC recurring last Sun Mar 2:00 last Sun Oct 2:00
switch virtual domain 10
switch mode virtual
switch 1 priority 200
mac-address use-virtual
dual-active detection pagp trust channel-group 201
dual-active recovery ip address 192.168.22.1 255.255.255.192
udld enable
ip vrf Liin-vrf
no ip domain-lookup
ip domain-name
power redundancy-mode redundant
mac access-list extended VSL-BPDU
permit any 0180.c200.0000 0000.0000.0003
mac access-list extended VSL-CDP
permit any host 0100.0ccc.cccc
mac access-list extended VSL-DOT1x
permit any any 0x888E
mac access-list extended VSL-GARP
permit any host 0180.c200.0020
mac access-list extended VSL-LLDP
permit any host 0180.c200.000e
mac access-list extended VSL-MGMT
permit any host 00ff.a3e1.f864
permit any host 00ff.f271.3e20
mac access-list extended VSL-SSTP
permit any host 0100.0ccc.cccd
port-channel load-balance src-dst-mac
spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree vlan 2-999 priority 8192
redundancy
mode sso
main-cpu
auto-sync startup-config
auto-sync standard
vlan internal allocation policy ascending
ip ssh source-interface Vlan500
ip ssh version 2
class-map match-any VSL-MGMT-PACKETS
match access-group name VSL-MGMT
class-map match-any VSL-DATA-PACKETS
match any
class-map match-any VSL-L2-CONTROL-PACKETS
match access-group name VSL-DOT1x
match access-group name VSL-BPDU
match access-group name VSL-CDP
match access-group name VSL-LLDP
match access-group name VSL-SSTP
match access-group name VSL-GARP
class-map match-any VSL-L3-CONTROL-PACKETS
match access-group name VSL-IPV4-ROUTING
match access-group name VSL-BFD
match access-group name VSL-DHCP-CLIENT-TO-SERVER
match access-group name VSL-DHCP-SERVER-TO-CLIENT
match access-group name VSL-DHCP-SERVER-TO-SERVER
match access-group name VSL-IPV6-ROUTING
class-map match-any VSL-MULTIMEDIA-TRAFFIC
match dscp af41
match dscp af42
match dscp af43
match dscp af31
match dscp af32
match dscp af33
match dscp af21
match dscp af22
match dscp af23
class-map match-any VSL-VOICE-VIDEO-TRAFFIC
match dscp ef
match dscp cs4
match dscp cs5
class-map match-any VSL-SIGNALING-NETWORK-MGMT
match dscp cs2
match dscp cs3
match dscp cs6
match dscp cs7
policy-map VSL-Queuing-Policy
class VSL-MGMT-PACKETS
bandwidth percent 5
class VSL-L2-CONTROL-PACKETS
bandwidth percent 5
class VSL-L3-CONTROL-PACKETS
bandwidth percent 5
class VSL-VOICE-VIDEO-TRAFFIC
bandwidth percent 30
class VSL-SIGNALING-NETWORK-MGMT
bandwidth percent 10
class VSL-MULTIMEDIA-TRAFFIC
bandwidth percent 20
class VSL-DATA-PACKETS
bandwidth percent 20
class class-default
bandwidth percent 5
interface Port-channel1
description VSL Link from Switch 1
switchport
switchport mode trunk
switchport nonegotiate
switch virtual link 1
interface Port-channel2
switchport
switchport mode trunk
switchport nonegotiate
switch virtual link 2
interface Port-channel200
description Link:-Security
switchport
interface Port-channel201
description Link:01
switchport
switchport mode trunk
interface Port-channel202
description Link:02
switchport
interface Port-channel203
description Link:03
switchport
interface Port-channel204
description Link:04
switchport
interface Port-channel205
no ip address
interface Port-channel206
no ip address
interface Port-channel207
no ip address
interface Port-channel208
no ip address
interface Port-channel209
no ip address
interface Port-channel210
description Link:10
switchport
switchport mode trunk
interface Port-channel211
description Link:11
switchport
switchport mode trunk
interface Port-channel212
description Link:12
switchport
switchport mode trunk
interface Port-channel213
description Link:13
switchport
switchport mode trunk
interface FastEthernet1
vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
interface TenGigabitEthernet1/1/1
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 1 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet1/1/2
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 1 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet1/1/3
description WAN:
no switchport
no ip address
ip ospf message-digest-key 199 md5 xxxxxxx
ip ospf network point-to-point
ip ospf 1 area 0
interface TenGigabitEthernet1/1/4
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 201 mode desirable
interface TenGigabitEthernet1/1/5
description Link: 02
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 202 mode desirable
interface TenGigabitEthernet1/1/6
description Link: 03
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 203 mode desirable
interface TenGigabitEthernet1/1/7
description Link: 04
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 204 mode desirable
interface TenGigabitEthernet1/1/8
description Link: 10
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 210 mode desirable
interface TenGigabitEthernet1/1/9
description Link: 11
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 211 mode desirable
interface TenGigabitEthernet1/1/10
description Link: 12
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 212 mode desirable
interface TenGigabitEthernet1/1/11
description Link: 13
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 213 mode desirable
interface TenGigabitEthernet1/1/12
description Link: Security
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 200 mode desirable
interface TenGigabitEthernet1/1/13
interface TenGigabitEthernet1/1/14
interface TenGigabitEthernet1/1/15
interface TenGigabitEthernet1/1/16
interface TenGigabitEthernet1/2/1
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 1 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet1/2/2
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 1 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet1/2/3
description WAN:
no switchport
no ip address
ip ospf message-digest-key 199 md5
ip ospf network point-to-point
ip ospf 1 area 0
interface TenGigabitEthernet1/2/4
interface TenGigabitEthernet1/2/5
interface TenGigabitEthernet1/2/6
interface TenGigabitEthernet1/2/7
interface TenGigabitEthernet1/2/8
interface TenGigabitEthernet2/1/1
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 2 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet2/1/2
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 2 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet2/1/3
description WAN:
no switchport
no ip address
ip ospf message-digest-key 199 md5 7 08191B783E375242431A040D327C
ip ospf network point-to-point
ip ospf 1 area 0
interface TenGigabitEthernet2/1/4
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 201 mode desirable
interface TenGigabitEthernet2/1/5
description Link: 02
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 202 mode desirable
interface TenGigabitEthernet2/1/6
description Link: 03
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 203 mode desirable
interface TenGigabitEthernet2/1/7
description Link: 04
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 204 mode desirable
interface TenGigabitEthernet2/1/8
description Link: 10
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 210 mode desirable
interface TenGigabitEthernet2/1/9
description Link: 11
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 211 mode desirable
interface TenGigabitEthernet2/1/10
description Link: 12
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 212 mode desirable
interface TenGigabitEthernet2/1/11
description Link: 13
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 213 mode desirable
interface TenGigabitEthernet2/1/12
description Link: Secu
switchport mode trunk
logging event link-status
logging event trunk-status
channel-group 200 mode desirable
interface TenGigabitEthernet2/1/13
interface TenGigabitEthernet2/1/14
interface TenGigabitEthernet2/1/15
interface TenGigabitEthernet2/1/16
interface TenGigabitEthernet2/2/1
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 2 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet2/2/2
switchport mode trunk
switchport nonegotiate
no lldp transmit
no lldp receive
no cdp enable
channel-group 2 mode on
service-policy output VSL-Queuing-Policy
interface TenGigabitEthernet2/2/3
description WAN:
no switchport
no ip address
ip ospf message-digest-key 199 md5
ip ospf network point-to-point
ip ospf 1 area 0
interface TenGigabitEthernet2/2/4
interface TenGigabitEthernet2/2/5
interface TenGigabitEthernet2/2/6
interface TenGigabitEthernet2/2/7
interface TenGigabitEthernet2/2/8
router ospf 1
router-id 192.168.22.3
area 0 authentication message-digest
passive-interface default
network 10.10.0.0 0.0.255.255 area 0
network 192.168.0.0 0.0.255.255 area 0
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.10.183.3
ip access-list extended VSL-BFD
permit udp any any eq 3784
ip access-list extended VSL-DHCP-CLIENT-TO-SERVER
permit udp any eq bootpc any eq bootps
ip access-list extended VSL-DHCP-SERVER-TO-CLIENT
permit udp any eq bootps any eq bootpc
ip access-list extended VSL-DHCP-SERVER-TO-SERVER
permit udp any eq bootps any eq bootps
ip access-list extended VSL-IPV4-ROUTING
permit ip any 224.0.0.0 0.0.0.255
kron occurrence DAILYat1 at 1:00 recurring
policy-list SaveConfig
kron policy-list SaveConfig
cli wr mem
logging trap debugging
logging source-interface Vlan500
snmp-server community
snmp-server community
ipv6 access-list VSL-IPV6-ROUTING
permit ipv6 any FF02::/124
module provision switch 1
chassis-type 70 base-mac B838.6121.2F90
slot 1 slot-type 401 base-mac B838.6121.2F90
slot 2 slot-type 400 base-mac 4C4E.358C.E548
module provision switch 2
chassis-type 70 base-mac B838.6121.2D50
slot 1 slot-type 401 base-mac B838.6121.2D50
slot 2 slot-type 400 base-mac 4C4E.358C.E580
end
VSScore#

Failing over after WRITE_ERROR_TO_SERVER exception in sendRequest()

Hi
I am getting below error in my issproxy.log file. I wanted to see the source of this URL.cpp file to find out why it is failing. I am not able to open them using DLL decompiler as well.
Could anyone tell me where can I get the source code for iisproxy.dll and iisforward.dll ?
This request is failing only when the request is routed from IIS.
================New Request: [/GLMS/index.jsp.wlforward] =================
Mon Nov 24 14:19:48 2014 <503614168189882> SSL must be used
Mon Nov 24 14:19:48 2014 <503614168189882> Initializing SSL
Mon Nov 24 14:19:48 2014 <503614168189881> INFO: Initializing SSL library
Mon Nov 24 14:19:48 2014 <503614168189881> timer thread starting
Mon Nov 24 14:19:48 2014 <503614168189881> Loaded 1 trusted CA's
Mon Nov 24 14:19:48 2014 <503614168189881> sysMkdirs() on 'C:\windows\TEMP\_wl_proxy':
Mon Nov 24 14:19:48 2014 <503614168189881> getWLFilePath: Complete File name = [C:\windows\TEMP\_wl_proxy\orbrandom.txt]
Mon Nov 24 14:19:48 2014 <503614168189881> INFO: Successfully initialized SSL
Mon Nov 24 14:19:48 2014 <503614168189882> SSL configured successfully
Mon Nov 24 14:19:48 2014 <503614168189882> resolveRequest: wlforward: /TEST/index.jsp
Mon Nov 24 14:19:48 2014 <503614168189882> URI is /GLMS/index.jsp, len=15
Mon Nov 24 14:19:48 2014 <503614168189882> Request URI = [/TEST/index.jsp]
Mon Nov 24 14:19:48 2014 <503614168189882> attempt #0 out of a max of 50
Mon Nov 24 14:19:48 2014 <503614168189882> Trying a pooled connection for 'XX.XX.XX.XX/7002/7002'
Mon Nov 24 14:19:48 2014 <503614168189882> getPooledConn: No more connections in the pool for Host[XX.XX.XX.XX] Port[7002] SecurePort[7002]
Mon Nov 24 14:19:48 2014 <503614168189882> general list: trying connect to '192.168.17.180'/7002/7002 at line 1306 for '/GLMS/index.jsp'
Mon Nov 24 14:19:48 2014 <503614168189882> New SSL URL: match = 0 oid = 22
Mon Nov 24 14:19:48 2014 <503614168189882> Connect returns -1, and error no set to 10035, msg 'Unknown error'
Mon Nov 24 14:19:48 2014 <503614168189882> EINPROGRESS in connect() - selecting
Mon Nov 24 14:19:48 2014 <503614168189882> Setting peerID for new SSL connection
Mon Nov 24 14:19:48 2014 <503614168189882> c0a8 11b4 5a1b 0000 ....Z...
Mon Nov 24 14:19:48 2014 <503614168189882> Local Port of the socket is 57397
Mon Nov 24 14:19:48 2014 <503614168189882> Remote Host xx.xx.xx.xx Remote Port 7002
Mon Nov 24 14:19:48 2014 <503614168189882> general list: created a new connection to 'XX.XX.XX.XX'/7002 for '/GLMS/index.jsp', Local port: 57397
Mon Nov 24 14:19:48 2014 <503614168189882> WLS info in sendRequest: XX.XX.XX.XX:7002 recycled? 0
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[Accept]=[application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[Accept-Encoding]=[gzip, deflate]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[Accept-Language]=[en-IN]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[Cookie]=[ADMINCONSOLESESSION=9fTkJypQ229r1ZHx6cQZG8cwHb0T0ssW8TkM7zyzzCVvNzjzDsf2!1779325670; JSESSIONID=GcZVJyXT8WMyv9pT8xGNzndSPCbBCcy1tfm5yRG1DSv8PhT97gv9!1779325670; _WL_AUTHCOOKIE_ADMINCONSOLESESSION=WcL9RbOJFiDqn3LiZO0g]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[Host]=[localhost]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs from client:[User-Agent]=[Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)]
Mon Nov 24 14:19:48 2014 <503614168189882> URL::sendHeaders(): meth='GET' file='/GLMS/index.jsp' protocol='HTTP/1.1'
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Accept]=[application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Accept-Encoding]=[gzip, deflate]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Accept-Language]=[en-IN]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Cookie]=[ADMINCONSOLESESSION=9fTkJypQ229r1ZHx6cQZG8cwHb0T0ssW8TkM7zyzzCVvNzjzDsf2!1779325670; JSESSIONID=GcZVJyXT8WMyv9pT8xGNzndSPCbBCcy1tfm5yRG1DSv8PhT97gv9!1779325670; _WL_AUTHCOOKIE_ADMINCONSOLESESSION=WcL9RbOJFiDqn3LiZO0g]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Host]=[localhost]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[User-Agent]=[Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Connection]=[Keep-Alive]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[WL-Proxy-Client-IP]=[::1]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[Proxy-Client-IP]=[::1]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[X-Forwarded-For]=[::1]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[WL-Proxy-Client-Keysize]=[128]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[30]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
Mon Nov 24 14:19:48 2014 <503614168189882> Hdrs to WLS:[WL-Proxy-SSL]=[true]
Mon Nov 24 14:19:48 2014 <503614168189881> WARN: GetSessionCallback: No session match found
Mon Nov 24 14:19:48 2014 <503614168189881> WARN: DeleteSessionCallback: No match found!!
Mon Nov 24 14:19:48 2014 <503614168189882> ERROR: SSLWrite failed
Mon Nov 24 14:19:48 2014 <503614168189882> SEND failed (ret=-1) at 805 of file ..\nsapi\.\URL.cpp
Mon Nov 24 14:19:48 2014 <503614168189882> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 806 of ..\nsapi\.\URL.cpp
Mon Nov 24 14:19:48 2014 <503614168189882> Marking xx.xx.xx.xx:7002 as bad
Mon Nov 24 14:19:48 2014 <503614168189882> Exception occurred for backend host 'XX.XX.XX.XX/7002/0' while sending request : 'WRITE_ERROR_TO_SERVER [os error=0, line 806 of ..\nsapi\.\URL.cpp]: '
Mon Nov 24 14:19:48 2014 <503614168189882> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0, line 806 of ..\nsapi\.\URL.cpp]: at line 1019; last_error 0
Mon Nov 24 14:19:48 2014 <503614168189882> INFO: Closing SSL context
Mon Nov 24 14:19:48 2014 <503614168189882> Failing over after WRITE_ERROR_TO_SERVER exception in sendRequest()

yes that is right.
Essentially you should be doing one of the following on weblogic side:
1) Installed Certs on weblogic that were obtained from a commercial CA. (like verisign, thawte etc)
In this case, you will receive rootCA crt along with the other bundled certs and private key.
these rootCA certs are publicly available (your browser will be already using them)
2) Using certs signed by your company. (companies can maintain their own CA)
In this case you should be having a rootCA cert from your company.
3) using demo certs that were shipped with weblogic.
In this case, the rootca cert can be obtained from DemoTrust.jks
this is documented at http://e-docs.bea.com/wls/docs90/plugins/isapi.html#114851 (should be same for any plugins)
Apache plug-in can understand .crt extension.
-Vijay

Java Caps 5.1.3. and SFTP (FTP over SSH)

Hi,
I'm trying to use the BatchSFTP option from the batch eway to setup FTP over SSH. I'm having trouble in setting up the keyfile. I've generated a trusted_hosts file using openSSH via CYGWIN (I'm running on W2003 server). The error I get is: Batch SFTP eWay connection failed, method=[connect()], message=[Exception when connect(), e=java.io.IOException: Invalid SSH1 public key format].
Has anyone experience with FTP over SSH and can help me out on this.
Thank you very much,
Cor Zijlstra
[email protected]

You need to convert the server public key for the server that you are connecting with to the IETF SECSH format. If you have access to do that, you can run the command ssh-keygen -f myServerPublickey.pub -e > myIETFServerPublicKey.pub. Otherwise, your UNIX server admin will need to run that. Put the ITEF key in your .ssh directory and have CAPS reference that IETF format and you should be set. Make sure the connectivity map/env explorer is set to public key authentication.
I think there is a bug in CAPS with how it is handling the SSH formated key. I have been unable to prove it to support. Furthermore, more pressing issues have taken up my time (aka, other projects).
John

Requirements on an EJB to be eligible for a fail-over

Hi all,
          I was reading the EJB developer guide for weblogic server 9.2. When talking about the fail-over feature the guide said
          "EJB failover requiers that bean methods must be idempotent and configured as such in weblogic-ejb-jar.xml"
          There are two points in this statement.
          1) Fail overs must be configured
          This is straight forward.
          2) The bean methods must be idempotent.
          I don't really understand this point. Does this suggest that the bean methods should conform to some guide lines? If so what are they?
          Probably these are clarified in some other document or other resources. Being impatient and a little lazy I would love to have this clarified in the forum.
          Thanks in advance,
          - Madhu

Daniel,
I think since this will be the ONLY system that will be running as a DC providing ADDS and the Direct access server, i should follow this advice from the article you sent:
For users who never connect directly to the Contoso intranet or through a VPN, they must use the DirectAccess
Offline Domain Join process to initially join the appropriate domain and configure DirectAccess. When this process
is complete, the users log on normally and have the same experience as if they were directly connected to the Contoso intranet.
Because remember, no user will ever connect directly to the subnet where the server is. so do an offline join First and then start managing.. Only thing im worried about is: they keep saying that the direct access function has significantly improved in windows
8. hmmmmm many systems will be using windows 7 Pro 64Bit. Some windows 8.1 Pro 64bit. should i worry?

ADT hangs over ssh

I am putting the finishing touches on our build system and have run into a show stopper bug in ADT. It seems that ADT will not function propertly over ssh. When I issue my ADT package command remotely on my Mac OS X machine via ssh, ADT simply hangs forever.
The following are the errors I see on the Mac System Log:
com.apple.SecurityServer: Session 24524 created
naip: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.
naip: _RegisterApplication(), FAILED TO establish the default connection to the WindowServer, _CGSDefaultConnection() is NULL.
And then nothing happens. Forever.
Looking on the remote system, I see that the ADT process has created 2 files and a directory in the output directory:
drwxr-xr-x 2 build staff 68 Jun 8 13:10 adt3612439737122910737.tmp
-rw-r--r-- 1 build staff 11553 Jun 8 13:10 air6133709946041732094.tmp
-rw-r--r-- 1 build staff 11553 Jun 8 13:10 air8135951800351503639.tmp
However, nothing else happens. The directory adt3612439737122910737.tmp is empty.
The ADT package command I am running is:
adt -package -storetype pkcs12 -keystore ../build/input/air/cert.p12 -storepass mypassword -tsa none -target bundle ../build/output/tmp/StoicAssetCompiler.mac.app ../build/output/tmp/EngineCompiler-app.xml -C ../build/output/app app.engine.compiler.swf
The command works perfectly when I execute it from a terminal session as the build user. However, any ssh session causes the adt program to hang forever.
Short version: How do I invoke ADT over ssh on Mac OS X?

Additional point of information:
There are 2 users involved here:
john
build
john is logged into a desktop session. john can run ADT from a terminal, or even from a terminal ssh-d back to localhost as john.
build can run ADT from a terminal su'd to build. build cannot run ADT in any ssh session, including one ssh'd from the su'd terminal that works otherwise.

Warning: untrusted X11 forwarding setup failed: xauth key data not generate

Upon connecting to a RedHat Enterprise Linux server via ssh -X I get the following:
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
I have previously (as in last week, ending 11/1/2008) been able to use x11 forwarding from the machine I'm trying to connect to. This problem also occurs with other servers, meaning it must be a problem with my local machine. Any suggestions are welcome.

I get that if I use
ssh -Y ...
but NOT with -X.
Do you have a $HOME/.ssh/config or /etc/ssh_config file that is specifying ForwardX11Trusted?
Mostly I ignore the message when I get it as, my X11 forwarding works OK, AND I'm in an environment where my fellow employees could do much naster things to me (and get fired for it), than spoofing my X11 sessions.

Running awesome WM over SSH?

I run awesome on my MacBook Air, when I'm at home, I tend to hook my system up to an external monitor, keyboard & mouse. I have another monitor that I would also like to implement in my setup.
My current idea is to get Arch installed on one of my Raspberry Pi's and use it as a sort of thin client, so to speak. So, I'd have the Pi connected to the other monitor, have my MacBook serving up an X session over to the Pi via the network (presumably over SSH) and the Pi displaying that on the screen, which would all seamlessly be controlled with Synergy.
I know that X forwarding is possible, however, I'd like to know if I can serve up an actual awesome session, so my Pi essentially wouldn't actually be running awesome.
Is this achievable? If so, how might I go about implementing it? I've done searches, however they seem to just assume that the client has some sort of graphical environment running already and then to just pull application windows over X, whereas I want to use it as a full desktop.
Many thanks in advance for any advice on this, it'd be greatly appreciated

Hmmm, okay, I have some queries!
I use SLiM as my display manager on my MacBook, so will this even be possible?
Ideally, I'd like to have it setup so I can simply power on my Pi, then have it boot up and initiate the X connection to my MacBook and present an awesome session on the monitor. Are there any means by which this can be achieved?
There's also the factor that I wish to log in as the standard user account that I use, so I'd already be logged in on my MacBook, then have the Pi initiate a connection also through that account... is that even possible? Perhaps I'm thinking this is like SSH
Again, many thanks in advance for any help on this!
**EDIT**
Would it perhaps be possible/better to simply have the Pi set to autologin to a local user (on the Pi) then have it autostart a minimal X session through .bash_profile, and have something like:
ssh -X -C user@MacBook
In the .xinitrc?
(Of course setup with keypairs so the login is automated)
And then I'd have to figure out a means of autorunning awesome & synergyc once it's logged in...
This is just brainstorming of course, but it might work better?
Last edited by Starfall (2012-08-23 11:16:04)

[SOLVED] Font glyphs work locally, but not over SSH?

Hello,
I am trying to get some font glyphs used for status icons (https://aur.archlinux.org/packages/stlarch_font/) to show up in a tmux session over SSH.
The setup on the local and remote machines are identical and the fonts work fine in tmux on both machines, running locally.
When attempting to view a tmux session over SSH, however, the glyphs no longer display and instead there is a blank space where they should be.
Setup:
URxvt 9.20
Tmux 1.9a
.Xresources (full)
URxvt*termName: rxvt-256color
URxvt*font: xft:dejavu sans mono for powerline:regular:pixelsize=16,\
-misc-stlarch-medium-r-normal--10-100-75-75-c-80-iso10646-1
.tmux.conf (full)
set -g default-terminal "screen-256color"
The setup is based off of tutorial: http://crunchbang.org/forums/viewtopic.php?id=20504
Any ideas?
Keith
Last edited by hughitt1 (2014-07-15 01:00:24)

--edit--
It appears that the fonts do show up properly on the remote machines when I simply SSH in; it's only when I enable X11 forwards ("-x" flag) that they no longer work...
**Update 2014/07/14** Problem not related to X11 forwarding. See below for explanation.
Last edited by hughitt1 (2014-07-15 01:00:02)

Server Pool Master fails and cannot fail over to another VM Server

Dear All,
Oracle VM 2.2.2
I have 2 VM Servers connect to Storage 6140 Array and on VM Manager I enable HA on the server pool, then on all virtual machines.
- VM Server 1 has role as Server Pool Master, Utility Server, Virtual Machine Server and has virtual machines running
- VM Server 2 has role as Utility Server, Virtual Machine Server and has virtual machines running.
I try to shutdown the VM Server 1 act as Server Pool Master but I don't see Server Pool Master fail over to another VM Server 2 and also status become to Unreachable both of 2 Servers.
Especially, All virtual machines cannot be accessible.
Please kindly give advice for this.
Thanks and regards,
Heng

Thanks Avi, I'll find and read that document. And thanks also for elaborating about the Utility Server.
After reading the followups to my original question, I tried to think of possible server "layouts" in a HA environment.
1) "N" servers in the pool, one of them is Pool Master, Utility Server AND VM Guests Server at the same time. Maybe this will be the preferred server for smaller, quicker VMs.
2) "N" servers in the pool, one is Pool Master AND Utility Server, but has no VM guests running on it
3) "N" servers in the pool, one is the Pool Master, another one is the Utility Server (none of them has VMs running on them), and finally a number of VM Guest servers
Let's take case 1. If the Pool Master & Utility server fails, given that it has VM guests running on it as well, I understand from your explanation that I'll be ANYWAY able to manually "live migrate" the guests somewhere else, using VM Manager. Is this correct?
If it's correct, then it's just a question of how much money I want to spend to have dedicated servers for different tasks, JUST FOR BETTER PERFORMANCES REASONS. Do you agree? And especially: do YOU have dedicated Pool Masters (just to figure out your "real" approach to the problem :-) )
I feel that I still miss something, the picture is not completely clear to me. The fact is, that I'm now testing on my new bladesystem, but for now I put up one single blade. Testing HA will be the next step. I was just trying to get a few things sorted out in advance, but there is still something that I'm missing, as I was saying...
Looking forward to your next reply, thanx again
Rob

[Solved] Remote X over ssh not working

Hello, I'm trying to forward X11 over ssh but it's not working.
I type
ssh -X 192.168.1.101
followed by my password, and I log in just fine.
I try to launch an X11 application and I get
$kate
kate: cannot connect to X server
SSH is supposed to be forwarding a dummy $DISPLAY to allow remote X. So I type
$echo $DISPLAY
and and get back a empty newline.
Well how about
$xinit
Fatal server error:
Server is already active for display 0
If this server is no longer running, remove /tmp/.X0-lock
and start again.
Please consult the The X.Org Foundation support
at http://wiki.x.org
for help.
Okay, I'll shut down xserver.
I do it, and type
$xinit
again. KDE launches on my remote box. It makes sense, but contradicts many guides I have read which say it should launch on my local machine.
What am I doing wrong here? This should be ridiculously simple.
Last edited by xenobrain (2010-07-06 20:45:16)

Did you enable X forwarding in your sshd config?
Did you xhost + (or ssh -Y)?
Did you crop your DISPLAY variable in a bashrc or similar script run at login?
Last edited by benob (2010-07-06 19:10:54)

[SOLVED]running xwindows session over ssh

hi guys,
i'm trying to run an entire xwindows session - the complete openbox-session - over ssh.
i'm having some joy, in that i can run graphical programs such as gedit, or pcmanfm, luakit or whatever else on the client end no problems. is it possible to run an entire desktop over ssh?
here's some configs and commands i'm running. i'm going by the arch wiki here.
sshd_config:
# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
PrintMotd no # pam does that
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
AllowUsers hulk
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
ssh_config
# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
ForwardX11 yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
ServerAliveInterval 120
and the command i'm using to ssh in
ssh -X -p 22 user@hostip
i can log in fine every time, but when i do
startx
the openbox session starts on the remote machine, when obviously i want to view it on the client. i should also add i'm using urxvt to ssh in. also, please be aware this is a very basic setup as i'm just starting with ssh.
thanks
Last edited by yabasta (2013-11-06 16:44:37)

yabasta wrote:i'm trying to run an entire xwindows session - the complete openbox-session - over ssh.
If this is the case, why not use a tool that was designed specifically for this purpose? You could set up vnc and then forward the ports to run over ssh. But I have been playing with x2go, which is a open-source NoMachine alternative. It is super easy to set up and runs over ssh. What is really cool is that it actually runs far better than plain ol' vnc with a super responsive desktop.
I don't really have much practical use for it, but after playing with vnc a bit and seeing the shitty performance that it can sometimes have, I heard about NoMachine and decided to give it a whirl. I think the best part is that because it runs over ssh, it is as secure as your sshd setup is. So if you want to open it up to face the greater internet, as long as you feel confident in doing that with ssh, there is no additional ports you need to open up or anything.

[MAC] aerender via terminal over ssh root

Hey,
I am attempting to start a render on a mac over ssh via the terminal. On my test mac I can only get the command to work if I run it as root, however I will be needing to do this on an OSX Xserv cluster where I will not have root access. Here are the errors I get.
On my test Mac, not root:
"_RegisterApplication(), FAILED TO establish the default connection to the WindowServer, _CGSDefaultConnection() is NULL.
aerender ERROR -609: AESend failed to send apple event at line 712"
On the cluster, not root:
"kCGErrorRangeCheck : Window Server communications from outside of session allowed for root and console user only
INIT_Processeses(), could not establish the default connection to the WindowServer.Abort trap"
Is there anyway for me to start a render remotely, without being logged in as root?
Thanks,

jonnyflash wrote:
Is there anyway for me to start a render remotely, without being logged in as root?
I don't think so. What you are trying to do is basically to break out of the security sandbox of your SSH connection which by all means is fundmanetally evil. What you would have to do is decouple the process from your connection by sending it to the background. Back then in my SGI days we used the background alias all the time to do this, but I think the native way merely attaches a parameter by calling the PID. From what a quick search turned up, on OSX this seems to be the ampersand (&). Short of that, the convenient way is naturally doing it in a remote desktop or via a virtualisation software....
Mylenium

X forwarding suddenly failing over ssh

Similar Messages

Maybe you are looking for