thr3ads.net - openssh bugs - [Bug 3197] New: reset X11 forward timeout [Jul 2020]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at mindrot.org

2020-Jul-27 21:16 UTC

[Bug 3197] New: reset X11 forward timeout

https://bugzilla.mindrot.org/show_bug.cgi?id=3197

            Bug ID: 3197
           Summary: reset X11 forward timeout
           Product: Portable OpenSSH
           Version: 8.3p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: roland_wirth at web.de

Use case:
Over the course of a long-running SSH session, a user starts several
X11 programs. When the timeout is enabled, starting any X11 program
after the 20 minute mark fails, and the only option is to disconnect
and reconnect the SSH session. A work-around is to disable the timeout,
but that has security implications.

Enhancement:
Provide some way to reset the X11 forwarding, e.g., by having a new ~x
escape that resets the timeout and generates a new xauth cookie. With
the escape in place, the timeout window itself could be much shorter
than 20 minutes, reducing the window of opportunity for an attack.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

Reasonably Related Threads

Search for more maybe matching threads

openssh bugs - Jul 2020 - [Bug 3197] New: reset X11 forward timeout

[Bug 3197] New: reset X11 forward timeout

Reasonably Related Threads

Wisdom of the Ancients