Date: Fri, 25 Jun 1999 00:50:32 +0930 (CST) From: Mark Newton <newton@atdot.dotat.org> To: mjung@npc.net (Jung, Michael) Cc: security@FreeBSD.ORG Subject: Re: X and SSH Message-ID: <199906241520.AAA25556@atdot.dotat.org> In-Reply-To: <c=US%a=_%p=Financial_Allian%l=EXCHANGE-990624152342Z-7791@exchange.finall.com> from "Jung, Michael" at Jun 24, 99 11:23:42 am
next in thread | previous in thread | raw e-mail | index | archive | help
Jung, Michael wrote:
> I have been reading these threads and unless I missed something
> this has not seen this addressed. Suppose you use ssh, tterm etc to
> securely connect to a host. Once on the host you want to export your
> display back to a client so you can bring up a X application. How does
> one have the X session encrypted?
ssh does this for you: It automatically sets up your $DISPLAY to
point to a tunnel passed back across the encrypted session. All
X11 traffic is encrypted as a result (unless you override the
$DISPLAY setting by manually setting it or passing a -display
parameter to an X client).
You can get a similar effect by running:
ssh -R 6009:localhost:6000 foo.bar.com
... and manually setting your $DISPLAY to localhost:9.0 when you
have successfully logged in to it. You never need to do this manually,
though, because ssh configures X11 forwarding by default.
- mark
--------------------------------------------------------------------
I tried an internal modem, newton@atdot.dotat.org
but it hurt when I walked. Mark Newton
----- Voice: +61-4-1620-2223 ------------- Fax: +61-8-82231777 -----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906241520.AAA25556>