[olug] SSH X Forwarding (was remote desktop)

Matthew G. Marsh mgm at midwestlinux.com
Sat Jul 13 23:00:57 UTC 2002 

On Sat, 13 Jul 2002, Brian Wiese wrote:

> On Sun, 07 Jul 2002 10:08:27 -0500
> Chris Garrity <m0ntar3 at cox.net> wrote:
>
> |Isn't it the case that when connected to a *nix via ssh and then execute
> |something like "xterm," the remote X application looks back to the local
> |X server on port 6000 (which is not encrypted)? The initial connection
> |via ssh is encrypted, however the connection between the remote X client
> |and the local X server is not encrypted.

If all you do is set DISPLAY then yes. But that is considered a
keyboard-seat interface error... ;-}

Seriously - try 'man ssh' and read the part about X forwarding...

> Actually, I believe you are correct with this.  I remember reading a
> security alert awhile ago that mentioned this "unencrypted local"
> connection.  I'm not sure if its exploitable remotely or not, I just
> remember hearing about it.  Sorry I cannot provide more info. /.02
>
> |Jordan Wilberding wrote:
> |
> |>Hello,
> |>
> |>Actually you can run VNC through a ssh tunnel which does encrypt it
> |>and make it secure. Also, my password is 11 characters long so I don't
> |>think there is a limit. By the way, I use TightVNC.
> |>
> |>-Jordan Wilberding
>
>
>   Brian Wiese | bwiese at cotse.com | aim: unolinuxguru
> ------------------------------------------------------
>   GnuPG/PGP key 0x1E820A73 | "FREEDOM!" - Braveheart
>
> -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
> For help contact olug-help at olug.org - run by ezmlm
> to unsubscribe, send mail to olug-unsubscribe at olug.org
> or `mail olug-unsubscribe at olug.org < /dev/null`
> (c)1998-2002 OLUG http://www.olug.org
>
> -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>

--------------------------------------------------
Matthew G. Marsh,  President
Paktronix Systems LLC
1506 North 59th Street
Omaha  NE  68104
Phone: (402) 932-7250 x101
Email: mgm at paktronix.com
WWW:  http://www.paktronix.com
--------------------------------------------------


-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

For help contact olug-help at olug.org - run by ezmlm
to unsubscribe, send mail to olug-unsubscribe at olug.org
or `mail olug-unsubscribe at olug.org < /dev/null`
(c)1998-2002 OLUG http://www.olug.org

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

More information about the OLUG mailing list