Displaying 20 results from an estimated 5000 matches similar to: "ForwardX11Trusted"
2016 Mar 14
2
[Bug 2552] New: ssh -X and "ForwardX11Trusted no" break most applications, distros turn on "ForwardX11Trusted yes"
https://bugzilla.mindrot.org/show_bug.cgi?id=2552
Bug ID: 2552
Summary: ssh -X and "ForwardX11Trusted no" break most
applications, distros turn on "ForwardX11Trusted yes"
Product: Portable OpenSSH
Version: 7.2p1
Hardware: All
OS: All
Status: NEW
Severity:
2004 May 23
5
OpenSSH v3.8p1 fails to interoperate for GSSAPI (Kerberos) and X-Windows
Versions: openssh-3.8p1-33, heimdal-0.6.1rc3-51, XFree86-4.3.99.902-40,
tk-8.4.6-37, all from SuSE 9.1 (unhacked); back-version peers have
openssh-3.5p1, XFree86-4.3.0-115, etc. from SuSE 8.2.
Symptoms:
1. When the client and server versions are unequal, the Kerberos ticket
is not accepted for authentication. All the clients have
PreferredAuthentications gssapi-with-mic, gssapi, others.
2.
2005 Feb 28
2
[Bug 987] "man ssh" doesn't mention 'ForwardX11Trusted'
http://bugzilla.mindrot.org/show_bug.cgi?id=987
Summary: "man ssh" doesn't mention 'ForwardX11Trusted'
Product: Portable OpenSSH
Version: 3.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Documentation
AssignedTo: openssh-bugs at
2018 Apr 27
4
[PATCH] allow indefinite ForwardX11Timeout by setting it to 0
This change allows use of untrusted X11 forwarding (which is more
secure) without
requiring users to choose a finite timeout after which to refuse new
connections.
This matches the semantics of the X11 security extension itself, which
also treat a
validity timeout of 0 on an authentication cookie as indefinite.
Signed-off-by: Trixie Able <table at inventati.org>
---
clientloop.c | 12
2005 Mar 26
0
bug: X11 forwarding silently falls back to ForwardX11Trusted=yes
On 2005-01-11 at 6:36:13 Darren Tucker said:
> kochera at postfinance.ch wrote:
> > We upgraded from 3.7.1p2 to 3.9p1. The behaviour of the X11 forwarding
> > changed significantly, it is much slower. See below the truss output
> > (server side which runs 3.7.1p2) an check for the timestamp (6 seconds
> > delay). Do you have any idea what may causes this behaviour?
2004 Apr 05
5
[Bug 832] X forwarding crashes on some applications
http://bugzilla.mindrot.org/show_bug.cgi?id=832
Summary: X forwarding crashes on some applications
Product: Portable OpenSSH
Version: 3.8p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: ktaylor
2011 Jul 26
0
ForwardX11Trusted=no and dead characters
Hi,
although i'm using X11Forwarding only in my local environment, i'd like
to avoid setting 'ForwardX11Trusted' to 'yes'.
When starting applications like 'freerdp' on the remote machine while
'ForwardX11Trusted' is _not_ set to 'yes' on the client, the characters
\ = 51 = <BKSL> backslash
| = 94 = <LSGT> pipe
won't work.
Any
2015 Jul 05
2
ssh -X versus -Y
On 07/05/2015 04:51 AM, Liam O'Toole wrote:
> One practical difference I have seen is the improved performance of -Y
> over -X. I have long attributed that to the relaxation of security
> controls in the former case.
When and how did you measure that?
The -Y change was introduced in Fedora Core 3, in November 2004. The
default was changed to ForwardX11Trusted=yes just a month or
2015 Jul 06
1
ssh -X versus -Y
On Mon, 6 Jul 2015, Liam O'Toole wrote:
> On 2015-07-05, Gordon Messmer > <gordon.messmer at gmail.com> wrote:
>> On 07/05/2015 04:51 AM, Liam O'Toole wrote:
>>
>> At this point, I don't think it's even possible to set
>> ForwardX11Trusted=no any more. The X SECURITY extension was replaced
>> with "X Access Control Extension"
2002 Dec 29
0
[Bug 459] New: ssh-keygen doesn't know how to export private keys
http://bugzilla.mindrot.org/show_bug.cgi?id=459
Summary: ssh-keygen doesn't know how to export private keys
Product: Portable OpenSSH
Version: 3.5p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keygen
AssignedTo: openssh-unix-dev at mindrot.org
2015 Jun 26
3
ssh -X versus -Y
On Fri, 26 Jun 2015 at 03:16 -0000, Alexandru Chiscan wrote:
> On 06/25/2015 11:51 PM, Stuart Barkley wrote:
> > Then from your desktop (assuming Linux already running X) in a
> > local xterm do something like:
> >
> > ssh -Y remote-system
>
> Do not use that because any user logged on the server can connect to
> your X server display and snoop what you
2004 Feb 28
4
[Bug 803] Security Bug: X11 Forwarding is more powerful than it needs to be.
http://bugzilla.mindrot.org/show_bug.cgi?id=803
Summary: Security Bug: X11 Forwarding is more powerful than it
needs to be.
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: ssh
AssignedTo: openssh-bugs
2004 Apr 13
2
X11 forwarding
X11 forwarding is not working.
It has unstable behaviour, X clients often have lost connections (cannot
find window). Typical example - gimp, launched from remote host.
Tested latest snapshots.
2015 Jun 26
1
An odd X question
Hello Stuart,
On 06/25/2015 11:51 PM, Stuart Barkley wrote:
> For (ssh based) X forwarding no X server needs to run on the server.
> I usually install the xorg-x11-xauth (necessary) and xterm (optional)
> rpms on all my servers in case X forwarding becomes necessary.
>
> Then from your desktop (assuming Linux already running X) in a local
> xterm do something like:
>
>
2014 Jan 02
0
ForwardX11Timeout = 0 disables untrusted connections
Hi,
it seems that setting
ForwardX11Trusted = yes
ForwardX11Timeout = 0
causes untrusted connections to be refused immediately. While this
certainly makes sense this way, I believe in this case ForwardX11Timeout
= 0 might be better used for disabling the timeout entirely (the current
behaviour is the same as ForwardX11Trusted = no).
Is there some reason while this would be a bad idea?
2010 Feb 26
8
[Bug 1718] New: Spurious messages "X11 connection rejected because of wrong authentication."
https://bugzilla.mindrot.org/show_bug.cgi?id=1718
Summary: Spurious messages "X11 connection rejected because of
wrong authentication."
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2005 Jan 11
1
xterm crashes consistently
I am running Fedora 3 on a Dell 600. The version of OpenSSH is
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
I am connect to a Sparc Solaris 9
uname -a
SunOS mycomp 5.9 Generic_117171-07 sun4u sparc SUNW,Ultra-250
I use ssh to get from Fedora to the Sparc
ssh -X root at mycomp
mycomp password:
And I am logged in.
For this example I run xterm, but it also fails with xemacs
Run xterm
The terminal
2004 Mar 19
2
X forwarding and BadWindow error
Has anybody else experienced weird X11 forwarding problems such
as the one below:
andreas at teste10:~> x3270
X Error of failed request: BadWindow (invalid Window parameter)
Major opcode of failed request: 3 (X_GetWindowAttributes)
Resource id in failed request: 0x404372
Serial number of failed request: 833
Current serial number in output stream: 834
or
andreas at teste10:~>
2011 Aug 25
1
Add missing -o options in ssh(1) manual
A few options appear to be missing from the list in ssh's manual.
The one I didn't add is EnableSSHKeysign, whose description implies
it is only effective when placed in the system-wide config file.
Index: ssh.1
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh.1,v
retrieving revision 1.319
diff -u -p -r1.319 ssh.1
--- ssh.1 7 May 2011
2006 Oct 07
0
[Bug 987] "man ssh" doesn't mention 'ForwardX11Trusted'
http://bugzilla.mindrot.org/show_bug.cgi?id=987
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Comment #3 from dtucker at zip.com.au 2006-10-07 11:38 -------
Change all RESOLVED bug to CLOSED with the exception