In message <20000228150226.A19949_at_ruff.cs.jmu.edu>, Brian writes:
> Ok, just to make sure everyone completely understands my previous post
> about SSH & xauth.
[edited out]
> For absolute security, a client should always give out trust in the
> smallest portions available. Trusting X tunneling by default is not a
> good idea, and should be turned off. As stated in previous postings,
> if you must use X, use Xnest.
Another alternative would be to use xforward or xroute. Both are
capable of notifying you of incoming X connections and you can allow or
deny each one specifically. The downside however, is that with either
you need to trust the host that your X server is running on, e.g. xhost
x_server_machine. If you're using a desktop system that isn't used by
anyone else, you should be O.K.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/DEC Team Internet: Cy.Schubert_at_uumail.gov.bc.ca
UNIX Group, ITSD, ISTA
Province of BC
"COBOL IS A WASTE OF CARDS."
Received on Mar 01 2000
Intro
