Date: Thu, 04 Mar 2004 02:15:33 -0600 From: Jon Noack <noackjr@alumni.rice.edu> To: Kevin Oberman <oberman@es.net> Cc: Christian Weisgerber <naddy@mips.inka.de> Subject: Re: Breakage in X11 over ssh tunnel Message-ID: <4046E5A5.9040901@alumni.rice.edu> In-Reply-To: <20040303225951.6647E5D07@ptavv.es.net> References: <20040303225951.6647E5D07@ptavv.es.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/3/2004 4:59 PM, Kevin Oberman wrote: >> From: naddy@mips.inka.de (Christian Weisgerber) >> Date: Wed, 3 Mar 2004 02:46:33 +0000 (UTC) >> Sender: owner-freebsd-current@freebsd.org >> You can enabled trusted X11 forwarding with ssh's -Y switch or the >> ForwardX11Trusted configuration option. Note that this poses a >> security risk if the host where the X11 client runs is under somebody >> else's control or has been compromised. > > Thanks for the pointer, but I can't find any reference to this in either > the documentation or in the source except that it exists in the ssh.1 > file only as an entry in a list of options that may be specified. -Y is > not listed at all. I'd love to find out exactly what this does! If you built and installed OpenSSH as part of your last build/installworld (after 3.8p1 import and *DO NOT* have "NO_OPENSSH= true" or "NOCRYPT= true" in /etc/make.conf), "man ssh" and "man ssh_config" should give you the information you're looking for (or "man -M/usr/share/man ssh" and "man -M/usr/share/man ssh_config" if you've also installed OpenSSH from ports and /usr/local/bin is listed before /bin and /usr/bin in your path -- see "man man" and "man manpath" for more info). You may also type "/usr/bin/ssh" (with no arguments) for a description of ssh command line options. Here are selected CVS diffs for 3.8p1 (ssh.c, ssh.1, ssh_config.5): http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/ssh.c.diff?r1=1.24&r2=1.25&f=h http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/ssh.1.diff?r1=1.27&r2=1.28&f=h http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/ssh_config.5.diff?r1=1.11&r2=1.12&f=h Jon Noack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4046E5A5.9040901>