I still don't understand the point of authenticating myself to my own local X server when using X11 forwarding, I tried: ssh -R /tmp/.X11-unix/X0:/tmp/.X11-unix/X0 user at server # and then DISPLAY=:0 xterm and everything is working fine without the mess with xauth, so why it is required to use use xauth when doing X11 forwarding with ssh?
Darren Tucker
2017-Mar-13 22:53 UTC
What's the point of using xauth when using X11 forwarding?
On Tue, Mar 14, 2017 at 7:50 AM, Xu Pu Ti <rslovers at yandex.com> wrote:> I still don't understand the point of authenticating myself to my own local > X server when using X11 forwarding,X11Forwarding uses TCP, and xauth is what stops anyone else on the server (or any machine, if X11UseLocalhost=no) from snooping on your display and keyboard, injecting keystrokes and any of the the other things you can do with an X server. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Thanks, now I understand the problem. I rarely encounter the situation where multiple people need to login to the same machine, and when I do they're usually separated by different network namespaces, so I didn't think of that at first.