Re: ssh X-forwarding not working aix
From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: Wed, 28 Apr 2004 03:21:15 +0000 (UTC)
In article <z3vjc.56893$CU5.email@example.com>,
Darren Dunham <firstname.lastname@example.org> wrote:
>The channel between the two ssh machines is encrypted. That does
>nothing to prevent some third party from communicating (unencrypted)
>with the forwared port.
True, but the lack of the xauth cookie should stop them from doing
anything. Try this experiment: log in to a host with X forwarding on,
then log in from another window as another user and copy $DISPLAY.
$ ssh -X user1@localhost
user1$ echo $DISPLAY
[in another window]
$ ssh -x user2@localhost
user2$ DISPLAY=localhost:15.0 xterm
You should get an error in window 1 something like "X11 connection
rejected because of wrong authentication" and no xterm.
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.