[ale] openssh and $DISPLAY

Thompson Freeman tfreeman at intel.digichem.net
Sat Aug 12 23:30:28 EDT 2000 


Unless I'm sadly mistaken, I'm using openssh under RH6.2, and the DISPLAY
variable gets set very nicely.

On Sat, 12 Aug 2000, Robert L. Harris wrote:

> Thus spake Joe Knapka (jknapka at earthlink.net):
> 
> > Wandered Inn wrote:
> > > 
> > > "Robert L. Harris" wrote:
> > > >
> > > > A number of things like xv, xterm, and very rarely netscape.
> > > 
> > > Here's my call to nxterm from my primary machine (denali) to my work
> > > machine (lhotse):
> > > 
> > > ssh -l gamyers gamyers /usr/X11R6/bin/nxterm -ls -sb -sl 200 -si -sk -bg
> > > DarkSlateGray -fg OldLace -T lhotse -n lhotse -display denali:0
> > 
> > The problem with this is that, while the initial command to start the
> > nxterm will be encrypted by ssh, the X packets between lhotse and
> > denali will not, and thus are open to sniffing.
> > 
> > SSH provides an automatic mechanism to securely forward an X
> > session between the server and the client; older versions of
> > SSH automatically set the DISPLAY variable to point to the
> > forwarded port. That's what you meant, right, Robert?
> > 
> 
> Exactly.  Tunneling the Display through the tunnel.  Can OpenSSH 
> do this?
> 
> Robert
> 
> :wq!
> ---------------------------------------------------------------------------
> Robert L. Harris                |  Micros~1 :  
> Senior System Engineer          |    For when quality, reliability 
>   at RnD Consulting             |      and security just aren't
>                                 \_       that important!
> DISCLAIMER:
>       These are MY OPINIONS ALONE.  I speak for no-one else.
> FYI:
>  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> 
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
> 

-- 
===========================================
The harder I work, the luckier I get.
                    Lee Iocca
===========================================
Thompson Freeman          tfreeman at digichem.net

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list