Hello, I am using OpenSSH 1.2.1 on Solaris 2.6. I am using X forwarding intensively. During work OpenSSH creates display like `hostname`:10. Is it securely?? Why not 127.0.0.1:10 or localhost:10 ? Best regards Sergey Khorev.
On Thu, 2 Mar 2000, ????? ?????? ?????????? wrote:> Hello, > I am using OpenSSH 1.2.1 on Solaris 2.6. > I am using X forwarding intensively. During work OpenSSH creates > display like `hostname`:10. Is it securely?? Why not 127.0.0.1:10 or > localhost:10 ?Where "hostname" is the machine you logged in _to_. If the target does not know its own hostname then things are very broken. IIRC some broken Unices (references?) autodetect localhost:xx $DISPLAYs and starting using shared memory to communicate. -d -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
djm at mindrot.org said:> If the target does not know its own hostname then things are very > broken.> IIRC some broken Unices (references?) autodetect localhost:xx > $DISPLAYs and starting using shared memory to communicate.This certainly happens on Linux/XFree - I think it actually uses a local socket rather than shmem, but the communication method is not the same as for other IP addresses. To make life more complicated, a machine that gets its IP address from DHCP or similar may have an entry in hosts for its machine name but with 127.0.0.1 (saves rewriting hosts on each address acquisition). It would be good if openssh could handle this brokenness effectively. Nigel. -- [ - Opinions expressed are personal and may not be shared by VData - ] [ Nigel Metheringham Nigel.Metheringham at VData.co.uk ] [ Phone: +44 1423 850000 Fax +44 1423 858866 ]