Network Security: Detailed info on Re: X11 forwarding and DISPLAY variable

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: X11 forwarding and DISPLAY variable

from [Derek Martin] Network Security

[Permanent Link]

Subject:	Re: X11 forwarding and DISPLAY variable
Date:	Fri, 14 Oct 2005 11:55:13 -0400

On Thu, Oct 13, 2005 at 09:57:35AM -0700, Kelly Lucas wrote:

On the machine where you want to display X, as the user you logged in 
as, type:

xhost +


No no no no no no no!  You don't need to do this with OpenSSH, EVER!
SSH uses the much better MIT-MAGIC-COOKIE method of authenticating X
protocol connections, and does not need to muck with host-based X
authentication.

This will give permission to remote clients to display on it.


Yes, it will give permission to ALL remote clients to access your
desktop, which is most certainly not what you want.

When you SSH, try using:

ssh -X <hostname>


This is all you need.  If this solves the problem, you can do it
automatically by putting

  ForwardX11=yes

in your /etc/ssh/ssh_config file, or (if you don't have root access to
your machine) in your personal $HOME/.ssh/config file.

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D

pgpsGQGDxgzLl.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
X11 forwarding and DISPLAY variable, Bernd Prager Re: X11 forwarding and DISPLAY variable, Robin Green Re: X11 forwarding and DISPLAY variable, Kelly Lucas Re: X11 forwarding and DISPLAY variable, Peter KjellstrÃm Re: X11 forwarding and DISPLAY variable, Derek Martin <= Re: X11 forwarding and DISPLAY variable, Bill Feero Re: X11 forwarding and DISPLAY variable, Peter KjellstrÃm Re: X11 forwarding and DISPLAY variable, K. Jusupov Re: X11 forwarding and DISPLAY variable, Martin Schröder Re: X11 forwarding and DISPLAY variable, Bjorn Steensrud RE: X11 forwarding and DISPLAY variable, Carlson, Scott

Previous by Date:	Re: X11 forwarding and DISPLAY variable, Peter KjellstrÃm
Next by Date:	Re: X11 forwarding and DISPLAY variable, Peter KjellstrÃm
Previous by Thread:	Re: X11 forwarding and DISPLAY variable, Peter KjellstrÃm
Next by Thread:	Re: X11 forwarding and DISPLAY variable, Bill Feero
Indexes:	[Date] [Thread] [Top] [All Lists]