RE: Some servers do not forward X11, but I do not know why.

OK, you're all right and looking back I see he is using SSH with the -X
so that would mean he won't need the less secure method.  The only time
we still run into problems is if you have to su to a different user at
the machine you go to, then you lose the xauth.  

Thank you all who mentioned the low security of using the open xhost
method.

Randy 

-----Original Message-----
From: Vladimir Levijev [mailto:vladimir.levijev@gmail.com] 
Sent: Thursday, December 08, 2005 9:04 AM
To: Young, Randy
Cc: Christopher L. Barnard; secureshell@securityfocus.com; Christopher
L. Barnard
Subject: Re: Some servers do not forward X11, but I do not know why.

On 12/7/05, Young, Randy <RWYoung@verisign.com> wrote:

> The first question I have is did you set xhost to allow the other 
> server in?  Normally setting "xhost +" is not a good idea, it's a 
> security hole, so I usually do "xhost servername" to allow it in, and 
> when done I "xhost -servername" to remove it.

I'd like to add that this will help only in case the older xhost-type
authentication is used. The newer method is xauth.

--
[vl@dimir]#