X11 forward in F12
Suvayu Ali
fatkasuvayu+linux at gmail.com
Wed May 12 04:42:35 UTC 2010
Hi Kevin,
On Tuesday 11 May 2010 09:13 PM, Kevin Fenzi wrote:
> On Tue, 11 May 2010 14:43:22 -0700
> Suvayu Ali<fatkasuvayu+linux at gmail.com> wrote:
>
>> May I suggest using -Y instead of -X. Its supposed to be more secure.
>
> This is not a good idea. ;)
>
> If you use -X it uses all the regular xauth checks for access/security.
>
> If you use -Y it makes a 'trusted' forward. This could leave you
> exposed to remote access from a machine you have ssh'ed into.
> You should only use -Y in the very rare event that you have a app that
> doesn't work with -X.
>
I think the man page for ssh is a little misleading (mis-worded maybe?).
I posted the relevant section from `man 5 ssh_config' in another message
to this thread. That seems to imply otherwise.
I'm not at all well versed in anything X, given the above mentioned doc
would you still think its better to use -X over -Y?
> kevin
>
--
Suvayu
Open source is the future. It sets us free.
More information about the users
mailing list