Re: SSH & xauth

From: Cy Schubert - ITSD Open Systems Group (Cy.Schubertat_private)
Date: Sun Feb 27 2000 - 14:30:27 PST

Next message: Brett Glass: "Re: Zonealarm exports sensitive data"

Previous message: Simple Nomad: "Re: Troj_Trinoo and ZZ"
Maybe in reply to: Brian Caswell: "SSH & xauth"
Next in thread: Andrey: "Re: SSH & xauth"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <20000224173135.A4478at_private>, Brian Caswell writes:
> The default SSH configuration for SSH1 and SSH2 allow for remote
> controlling of X sessions through X forwarding.

[discussion of vulnerability edited out]

> Allowing X forwarding seems to be turned on by default in SSH1, SSH2,
> and OpenSSH.

OpenSSH as of Tue Feb 1 02:19:07 EST 2000, probably before then, has X
forwarding turned off by default.

[discussion of fix removed]


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubertat_private
UNIX Group, ITSD, ISTA
Province of BC
                    "COBOL IS A WASTE OF CARDS."

Next message: Brett Glass: "Re: Zonealarm exports sensitive data"
Previous message: Simple Nomad: "Re: Troj_Trinoo and ZZ"
Maybe in reply to: Brian Caswell: "SSH & xauth"
Next in thread: Andrey: "Re: SSH & xauth"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:37:32 PDT