[ale] openssh and $DISPLAY
Robert L. Harris
Robert.L.Harris at rnd-consulting.com
Sat Aug 12 22:53:38 EDT 2000
Thus spake Joe Knapka (jknapka at earthlink.net):
> Wandered Inn wrote:
> >
> > "Robert L. Harris" wrote:
> > >
> > > A number of things like xv, xterm, and very rarely netscape.
> >
> > Here's my call to nxterm from my primary machine (denali) to my work
> > machine (lhotse):
> >
> > ssh -l gamyers gamyers /usr/X11R6/bin/nxterm -ls -sb -sl 200 -si -sk -bg
> > DarkSlateGray -fg OldLace -T lhotse -n lhotse -display denali:0
>
> The problem with this is that, while the initial command to start the
> nxterm will be encrypted by ssh, the X packets between lhotse and
> denali will not, and thus are open to sniffing.
>
> SSH provides an automatic mechanism to securely forward an X
> session between the server and the client; older versions of
> SSH automatically set the DISPLAY variable to point to the
> forwarded port. That's what you meant, right, Robert?
>
Exactly. Tunneling the Display through the tunnel. Can OpenSSH
do this?
Robert
:wq!
---------------------------------------------------------------------------
Robert L. Harris | Micros~1 :
Senior System Engineer | For when quality, reliability
at RnD Consulting | and security just aren't
\_ that important!
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
FYI:
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list