Re: Securing SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I agree, one should never use xhost +, this undoes all the work done by the -X or -Y ssh options.
In fact using ssh -Y user@remote is good enough.
The -Y option is for *trusted* X11 connections.

Also as mentioned earlier  the file .ssh/authorized_keys must be set to perms 600 in
conjunction with the "StrictModes yes" in sshd_config.

~af

On 5/23/06, Paul Howarth <paul@xxxxxxxxxxxx > wrote:
On Tue, 2006-05-23 at 14:01 -0400, Ed Gurski wrote:
> You can  also transfer your X-windows apps to your local system by doing
> the following:
>
> On your system:
>
> xhost +   (allows remote X apps)
> ssh -Y remote_computer -p the_new_port
>
> Now once logged in, you can test this using :
>
> xclock
>
> You should then see the Xclock on your system from the remote system.

You shouldn't need the "xhost +" to do this. To your local X server, the
connection appears to be coming from your own host when you use ssh this
way, not the remote host.

Paul.


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux