X11 tunnel over ssh and then rsh

Oliver Fromme olli at lurza.secnetix.de
Fri Aug 22 11:00:30 UTC 2008


Roberto Nunnari wrote:
 > Wait! I found a possible workaround.. it seams that setting
 > X11UseLocalhost = no
 > on sshd_config tell sshd to bind the X11 forwarding server
 > to the wildcard address..

You will still have to forward the X11 authentication to
the client machine with xauth(1) or xhost(1), I think.
Using xhost(1) is much easier, but it's insecure.  On the
other hand you're using rsh and a public network socket
to connect to, so everything you do is insecure anyway.

I hope you're going to make your users aware of that.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"If Java had true garbage collection, most programs
would delete themselves upon execution."
        -- Robert Sewell


More information about the freebsd-questions mailing list