Displaying 20 results from an estimated 600 matches similar to: "ssh and X11Forwarding"
2003 Oct 27
3
How to disable XFree86 and wdm listening ports
Hello,
what is the right way to disable XFree86 and wdm listening
ports tcp 6000 and tcp 1024.
I read in man XFree86 about the -nolisten tcp option
and tried to set in /usr/X11R6/lib/X11/xdm
:0 local /usr/X11R6/bin/X -nolisten tcp
but it was not successful.
What is the right way to close the ports without use of IPFW?
Your help would be appreciated.
Thank?s
Wolfgang
2000 Sep 07
0
X11Forwarding through a firewall
I am running 2.1.1p4 on RedHat Linux and several Solaris boxes. I have
X11Forwarding set to yes in .ssh/ssh_config, as well as all of the
sshd_config files. Works just fine between machines inside my firewall,
but I can't forward X11 clients from outside the firewall. We have a PIX
doing NAT. Any idea what I'm missing?
2000 Mar 07
0
X11Forwarding problem
I have just installed openssh-1.2.2p1-1
on two of my machines and I have one problem.
I have
X11Forwarding yes
in my /etc/ssh/sshd_config
but when I try to ssh to that machine I get this when i try to start rxvt:
[pucko at b202 pucko]$ rxvt
X11 connection rejected because of wrong authentication.
X connection to b202.ryd.student.liu.se:11.0 broken (explicit kill or
server shutdown). [pucko
2000 Mar 28
1
openssh X11Forwarding problem solution
Hi!
Several people noticed problems with openssh Version 1.2.2 through 1.2.3
related to X11 forwarding under Linux. For example:
Magnus Holmberg <pucko at lysator.liu.se> wrote:
> I have just installed openssh-1.2.2p1-1
> on two of my machines and I have one problem.
>
> I have
> X11Forwarding yes
> in my /etc/ssh/sshd_config
>
> but when I try to ssh to that
2017 Oct 13
2
X11forwarding yes: how to debug/setup after xauth fix
On 13/10/2017 15:29, Michael Felt wrote:
> This verifies it is xauth related:
>
> debug3: sending debug message: No xauth program; cannot forward with
> spoofing.
>
> so, added an extra debug - and this is what I see:
>
> debug1: session_input_channel_req: session 0 req x11-req
> debug3: setup_x11fwd: xauth_location == /usr/X11R6/bin/xauth
> debug3: sending debug
2017 Oct 13
2
X11forwarding yes: how to debug/setup after xauth fix
On 13/10/2017 08:03, Damien Miller wrote:
> On Thu, 12 Oct 2017, Michael Felt wrote:
>
>> On 08/10/2017 23:32, Michael Felt wrote:
>>> On 04/10/2017 11:07, Michael Felt wrote:
>>>> I do not often use X11 - but when I do I prefer to enable
>>>> X11forwarding, and when finished - turn it off. This is preferable,
>>>> imho, to having
2001 Apr 09
2
"X11Forwarding yes" causes "error: socket: Protocol not supported"
Greetings,
I'm running OpenSSH_2.5.2p2, and OpenSSL-0.9.6a, on BSD/OS 4.0.
Following the FAQ, I added the following line to my sshd_config
in order to enable X11 forwarding:
X11Forwarding yes
Now openssh is disconnecting my sessions immediately after
authentication and login with the following error messages:
"error: socket: Protocol not supported"
"Disconnecting: Command
2004 Jul 09
3
bash as a login shell (was Root users shell == no existant shell /bin/bash)
On 9 Jul 2004 at 13:11, Daniel Brown wrote:
> On the other hand, I've run across a sysadmin who always enables his
> toor accounts -- and changes its shell to bash. As a result, not only
> is there an alternate root account (good in case 'root' trampled on by
> accident or purpose), but you can get root bash as a login shell while
> leaving the real root to its normal
2017 Oct 12
2
X11forwarding yes: how to debug/setup after xauth fix
On 08/10/2017 23:32, Michael Felt wrote:
> On 04/10/2017 11:07, Michael Felt wrote:
>> I do not often use X11 - but when I do I prefer to enable
>> X11forwarding, and when finished - turn it off. This is preferable,
>> imho, to having "clear" X11 processing when local - and otherwise
>> impossible when working remote.
>>
>> Working with
2017 Oct 04
5
X11forwarding yes: how to debug/setup after xauth fix
I do not often use X11 - but when I do I prefer to enable X11forwarding,
and when finished - turn it off. This is preferable, imho, to having
"clear" X11 processing when local - and otherwise impossible when
working remote.
Working with openssh-7.5p2 I cannot figure out what (extra) I need to do
with sshd_config to get it working.
I know that there is a security-fix starting with
2004 May 10
5
rate limiting sshd connections ?
Does anyone know of a way to rate limit ssh connections from an IP address
? We are starting to see more and more brute force attempts to guess
simple passwords "/usr/sbin/inetd -wWl -C 10" is nice for slowing down
attempts to services launched via inetd. Is there an equiv method for
doing this to sshd? Running from inetd has some issues supposedly.
---Mike
2003 Jun 08
4
Removable media security in FreeBSD
I'm working with a FreeBSD user -- a teacher -- who's running KDE on a system
on which she neither has nor wants root privileges. She wants to be able to
mount and unmount floppies and ZIP cartridges from within KDE, using the
standard KwikDisk utility (which, by the way, generates mount and unmount
command that don't conform to FreeBSD syntax; however, it appears possible
to fix this
2004 Sep 24
1
sharing /etc/passwd
How 'bout PAM? /usr/ports/security/pam_ldap. If you have machines that
can't do PAM, perhaps NIS is the way to go (assuming, of course, you're
behind a firewall). You can store login information in LDAP like you want,
then use a home-grown script to extract the information to a NIS map. Or,
if you have a Solaris 8 machine lying around, you can cut out the middle
step and use
2004 Jan 06
5
Logging user activities
Hello,
What do you recommend for keeping track of user
activities? For preserving bash histories I followed
these recommendations:
http://www.defcon1.org/secure-command.html
They include using 'chflags sappnd .bash_history',
enabling process accounting, and the like.
My goal is to "watch the watchers," i.e. watch for
abuse of power by SOC people with the ability to view
2003 Sep 16
5
boot -s - can i detect intruder
Hi list
Several people have physical access to my FreeBSD box and I have the feeling
that somebody try to get access with boot -s options . Can I log activity
after boot -s option (change user password, install software and etc.).
I use boot -s and change user password, but after reboot i can't find this
atcivity in log files.
The BSD box is shutdown and run again many time at day.
Best
2003 Dec 10
4
s/key authentication for Apache on FreeBSD?
I'm constructing a Web server which may require restricted areas
of the site to be used from public places where a password might
be sniffed. The damage that could be done by taking snapshots of
the content from one session with a spy program is minimal. What
the owner of the server does NOT want, though, is to allow unauthorized
parties to gain unfettered access by stealing the password via
2003 Oct 21
2
hardware crypto and SSL?
Is anyone successfully using some sort of hardware crypto solution to
combat the overhead of SSL in http transactions? I'd love to hear
anything good or bad about this.
-Bill
--
-=| Bill Swingle - <unfurl@(dub.net|freebsd.org)>
-=| Every message PGP signed
-=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223
-=| "Computers are useless. They can only give you
2003 Aug 06
2
statically compiled files left over after a 'make world'
Hello,
I recently did a 'make world' to update my base system due to the realpath
bug. After that finished, I noticed that I still had the following
statically compiled binaries laying around that did not get updated during
a 'make world'. I track 4-STABLE.
/usr/bin/miniperl
/sbin/mount_kernfs
/sbin/mount_devfs
/sbin/modunload
/sbin/modload
/sbin/ft
/stand/boot_crunch
/stand/find
2004 Apr 08
4
recommended SSL-friendly crypto accelerator
Hi,
I'm pondering building my own SSL accelerator out of a multi-CPU
FreeBSD system and a crypto accelerator.
What's the recommended hardware crypto accelerator card these
days?
Thanks,
==ml
--
Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org
Today's chance of throwing it all away to start a goat farm: 49.1%
http://www.BlackHelicopters.org/~mwlucas/
2003 Sep 24
4
unified authentication
Howdy list,
Sorry if this is a frequently discussed topic,
or an off-topic question, but I couldn't find much
info about my question by performing quick searches
in the archives, and my question is pretty tightly
related to security...
Background:
===========
I have a number of FreeBSD machines. Most are 4.x,
but a few are 5.x (mainly the testing/devel machines).
I also have a single Red