[ale] openssh and $DISPLAY

Joe Knapka jknapka at earthlink.net
Sat Aug 12 22:43:45 EDT 2000 

Wandered Inn wrote:
> 
> "Robert L. Harris" wrote:
> >
> > A number of things like xv, xterm, and very rarely netscape.
> 
> Here's my call to nxterm from my primary machine (denali) to my work
> machine (lhotse):
> 
> ssh -l gamyers gamyers /usr/X11R6/bin/nxterm -ls -sb -sl 200 -si -sk -bg
> DarkSlateGray -fg OldLace -T lhotse -n lhotse -display denali:0

The problem with this is that, while the initial command to start the
nxterm will be encrypted by ssh, the X packets between lhotse and
denali will not, and thus are open to sniffing.

SSH provides an automatic mechanism to securely forward an X
session between the server and the client; older versions of
SSH automatically set the DISPLAY variable to point to the
forwarded port. That's what you meant, right, Robert?

-- Joe
 
> Same approach for Netscape.
> 
> >
> > Robert
> >
> > Thus spake Wandered Inn (esoteric at denali.atlnet.com):
> >
> > > "Robert L. Harris" wrote:
> > > >
> > > > Can OpenSSH be told to set the $DISPLAY variable "automatically" like
> > > > the commercial ssh1 does?
> > >
> > > What is it that you're calling?  I use openssh to call things like
> > > xterm.  Passing the arg to xterm itself works.
> > >
> > > >
> > > > :wq!
> > > > ---------------------------------------------------------------------------
> > > > Robert L. Harris                |  Micros~1 :
> > > > Senior System Engineer          |    For when quality, reliability
> > > >   at RnD Consulting             |      and security just aren't
> > > >                                 \_       that important!
> > > > DISCLAIMER:
> > > >       These are MY OPINIONS ALONE.  I speak for no-one else.
> > > > FYI:
> > > >  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> > > >
> > > > --
> > > > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
> > >
> > > --
> > > Until later: Geoffrey         esoteric at denali.atlnet.com
> > >
> > > Microsoft != Innovation
> > > --
> > > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
> >
> > :wq!
> > ---------------------------------------------------------------------------
> > Robert L. Harris                |  Micros~1 :
> > Senior System Engineer          |    For when quality, reliability
> >   at RnD Consulting             |      and security just aren't
> >                                 \_       that important!
> > DISCLAIMER:
> >       These are MY OPINIONS ALONE.  I speak for no-one else.
> > FYI:
> >  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> 
> --
> Until later: Geoffrey           esoteric at denali.atlnet.com
> 
> Microsoft != Innovation
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

-- 
*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list