[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] ssh and X11 help
Ken Schneider wrote:
From: Calin Duma <calind@xxxxxxxxxxxxx>
To: armins@xxxxxxx, suse-security@xxxxxxxx
Date: Sat, 01 May 2004 11:31:37 -0400
Subject: Re: [suse-security] ssh and X11 help
Thanks Armin. I am doing it with with an ssh config file that sets the
X11 forwarding via a config file entry
The fact that the display is correctly set as I ssh though the two
machines tells us that the X11 is forwarded - I am not sure why the
xterm does not pop up.
Because you also need to allow remote "x" programs to display on your
screen. This can be done with xhost + and then xhost - after you are through.
This is really bad advice, especially in a security list.
The xhost command is for allowing remote systems access to your display.
If you must use it, at the very least specify the host for which you
are granting access: "xhost + IP_ADDRESS". An even better way to do
this is with xauth, but it is a bit more complicated. Where xhost is
system based, xauth is session based.
The ssh X forwarding facility should work regardless of xhost. It uses
xauth with magic-cookies. I would check to make sure xauth is in your
path on both machines. If there are both stock SuSE installs, things
should just work, although you might need to specify the -X option. I
have has issues when connecting to various Solaris boxes.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here