Re: ssh X-forwarding not working aix

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 04/28/04


Date: Wed, 28 Apr 2004 03:21:15 +0000 (UTC)

In article <z3vjc.56893$CU5.37843@newssvr25.news.prodigy.com>,
Darren Dunham <ddunham@redwood.taos.com> wrote:
>The channel between the two ssh machines is encrypted. That does
>nothing to prevent some third party from communicating (unencrypted)
>with the forwared port.

True, but the lack of the xauth cookie should stop them from doing
anything. Try this experiment: log in to a host with X forwarding on,
then log in from another window as another user and copy $DISPLAY.

$ ssh -X user1@localhost
user1$ echo $DISPLAY
localhost:15.0

[in another window]
$ ssh -x user2@localhost
user2$ DISPLAY=localhost:15.0 xterm

You should get an error in window 1 something like "X11 connection
rejected because of wrong authentication" and no xterm.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.