Re: X11 forwarding setup correctly?
From: Shing-Fat Fred Ma (fma@doe.carleton.ca)
Date: 11/24/02
- Next message: Brian Salter-Duke: "ssh remote gives message [: missing `]'"
- Previous message: Shing-Fat Fred Ma: "Re: X11 forwarding setup correctly?"
- In reply to: those who know me have no need of my name: "Re: X11 forwarding setup correctly?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Shing-Fat Fred Ma <fma@doe.carleton.ca> Date: 24 Nov 2002 05:02:35 GMT
those who know me have no need of my name wrote:
>>I will ask my sys admin if he can change them to
>>"yes". There doesn't seem to be any point in ssh'ing to a machine, then
>>have the xterms unencrypted.
>>
>>
>
>correct.
>
Hi,
I just want to be sure I know what I'm talking about
before I go asking my sys admin to change ssh
settings. From the man pages, enabling X11
forwarding poses a risk because someone who
can access my Xauthority file on the remote
(ssh server machine) can monitor my local (client)
X11 display, as well as see my keystrokes.
It seems kind of self defeating to disable X11
forwarding because this gives users no choice
but to open xterms outside the the ssh channel.
This is in fact what will happen. Why would this
be the default?
Also, who but me can access my Xauthority?
If they have access to my Xauthority, they pretty
well have to be me (or root), so my whole
account is vulnerable anyway. It doesn't matter
that they can see me typing my little matlab
program. Is this an overly naive way to look at it?
Fred
-- Fred Ma, fma@doe.carleton.ca Carleton University, Dept. of Electronics 1125 Colonel By Drive, Ottawa, Ontario Canada, K1S 5B6
- Next message: Brian Salter-Duke: "ssh remote gives message [: missing `]'"
- Previous message: Shing-Fat Fred Ma: "Re: X11 forwarding setup correctly?"
- In reply to: those who know me have no need of my name: "Re: X11 forwarding setup correctly?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
