Re: Allow NON-Authenticated X11 Connections - How insecure/secure?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

You said...
 If you use X11 without authentication, then anyone who can open
> an X-connection to your X-server (usually, just a 6000/tcp
> connection), can run a keylogger to grab all your keystrokes
> (search xquerykeymap for details).
>

But I will use ssh with X11 Forwarding. The "X11 Authentication" being
disabled is what I'm asking about.

Won't the ssh w X11 Forwarding protect me against scenarios like the
one you describe?

Thanks,
Jon






On Thu, Apr 22, 2010 at 2:46 AM, Alexander Klimov <alserkli@xxxxxxxx> wrote:
> On Tue, 20 Apr 2010, Jon Price wrote:
>> How secure (or insecure) is it to NOT require X11 Authentication but
>> DO use ssh/X Forwarding?
>>
>> I have an application which works a lot easier if X11 Authentication
>> is disabled, though I'm still using ssh w. X11 Forwarding.
>> But would like to get an idea of the risks.
>
> If you use X11 without authentication, then anyone who can open
> an X-connection to your X-server (usually, just a 6000/tcp
> connection), can run a keylogger to grab all your keystrokes
> (search xquerykeymap for details).
>
> --
> Regards,
> ASK
>

[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux