In message <20000228150226.A19949at_private>, Brian writes: > Ok, just to make sure everyone completely understands my previous post > about SSH & xauth. [edited out] > For absolute security, a client should always give out trust in the > smallest portions available. Trusting X tunneling by default is not a > good idea, and should be turned off. As stated in previous postings, > if you must use X, use Xnest. Another alternative would be to use xforward or xroute. Both are capable of notifying you of incoming X connections and you can allow or deny each one specifically. The downside however, is that with either you need to trust the host that your X server is running on, e.g. xhost x_server_machine. If you're using a desktop system that isn't used by anyone else, you should be O.K. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubertat_private UNIX Group, ITSD, ISTA Province of BC "COBOL IS A WASTE OF CARDS."
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:38:43 PDT