Problem with export X

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Les Mikesell said:
> On Wed, 2005-04-06 at 15:48, William Hooper wrote:
>
>>>>
>>>> http://openssh.org/faq.html#3.13
>>>>
>>>>
>>>
>>> There are probably at least a dozen people somewhere that might
>>> understand that paragraph, but I'm not one of them.  What's the
>>> difference between a trusted and untrusted cookie, and why do I need
>>> to care now?  (I think this relates to when -X works from the client
>>> and when -Y is necessary, but maybe not...).
>>
>> As "man ssh_config" states "See the X11 SECURITY extension
>> specification for full details on the restrictions imposed on untrusted
>> clients."  This is really an option that SSH passes to xauth.
>
> Thanks, but you still lost me at 'untrusted'.  What makes a client
> trusted or not?

As it pertains to SSH, 'untrusted' is anything you forward with
"ForwardX11Trusted no".

> If it's left up to me to decide, why would I run an
> untrusted one at all?

You don't trust the admin of the server you are SSHing into.

-- 
William Hooper
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux