Date: Thu, 02 Aug 2001 12:26:53 -0700 From: "Kevin Oberman" <oberman@es.net> To: User & Ian Patrick Thomas <ipthomas_77@yahoo.com> Cc: parv <parv_@yahoo.com>, freebsd-questions@FreeBSD.ORG Subject: Re: conflicting info on OpenSSH Message-ID: <200108021926.f72JQrm05862@ptavv.es.net> In-Reply-To: Your message of "Wed, 01 Aug 2001 23:40:13 EDT." <20010801234013.A35642@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Wed, 1 Aug 2001 23:40:13 -0400 > From: User & Ian Patrick Thomas <ipthomas_77@yahoo.com> > Sender: owner-freebsd-questions@FreeBSD.ORG > > O.K., that's the clarification I needed. It seems that it is a better > idea not to forward X11 connections over OpenSSH, right? It seems it's better not to have a remote X11 connection, but if you DO have one, it's far better to tunnel it in SSH than to run it in clear, especially considering how easy the X11 protocol is to hack and that most systems still use MIT-MAGIC-COOKIE-1 which is easily broken for security. I really strongly disagree with the change of the default from forwarding of X11 to not forwarding. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108021926.f72JQrm05862>