Ubuntu For Free » OpenSSH

Problems with kdesu via SSH after Hardy Heron Upgrade

admin — Tue, 16 Sep 2008 02:48:47 +0000

I started encountering an error when using kdesu via SSH after Hardy Heron was installed. I’ve since upgraded to 8.04.1 as well and still am running into this bug.

X11 connection rejected because of wrong authentication. kate: cannot connect to X server localhost:10.0

I know I’m not the only Kubuntu user, and there is proof I am not the only user encountering this error. I’ve been getting around it by using gksu which has no problems with my authentication. I suppose I could just alias kdesu and kdesudo (i tried it with no luck too!) to gksu, but I’d like to see an update fix this in the upcoming months. The nice fade effect of gksu is a welcome change sometimes.

Upgrade from Gutsy to Hardy

admin — Wed, 21 May 2008 19:50:26 +0000

I have admittedly put it off for way too long. The recent OpenSSL Vulnerability with weak keys prompted me to change that on one of my systems. I was forced to use dist-upgrade when OpenSSL would not update, leaving me to continuously recreating weak keys. While I normally update packages using the command line, I was hesitant of using the GUI for Adept Manager. My previous attempts with dist-upgrade have all been failures (From Edgy to Feisty to Gutsy…) so I was not really expecting a smoothe transition. I used the GUI Adept Manager because it was the recommended method per the Kubuntu Hardy Heron upgrade documentation. Adept immediately gave me an error and closed the first time I tried. I rebooted and tried again with the same error. I kept trying, and it finally decided it would do it…and it did it well. I rebooted and I was almost unable to tell any difference. I did notice I had the new wallpaper available, but otherwise, OpenSSL let me create new, uncompromised keys… and that was what was important to me. It was so painless, I felt brave and tried it on another server. This time, no error message, and it upgraded just as easily. I still have one workstation remaining on Gutsy, a laptop that I don’t have any pressing need to update. The slow server took about two hours to update, and the faster one took about one hour.

The OpenSSL Vulnerability

admin — Tue, 20 May 2008 14:00:21 +0000

I recently established my network to use SSH connections. My three Ubuntu systems I discovered were using weak keys that had been generated using the flawed packages. If you haven’t been paying attention, Canonical issued USN-612-1 on 5/13/2008. If you’re using keys that have been generated since September 2006, it’s likely that you need to regenerate all keys. If you have any doubts, I encourage you to regenerate all keys. It will affect any key used that was generated on a compromised system. The biggest trouble for me was getting OpenSSL and OpenSSH-server packages to update. I used the ssh-copy-id command to make it the process easy for me.