openssh & XEmacs gnuclient issue
Dug Song
dugsong at monkey.org
Sat Nov 27 12:43:22 EST 1999
On 26 Nov 1999, Chris Green wrote:
> The trouble is when the command is to make a new frame ( window ) on a
> different X display, it fails because the Xauth cookie is not in
> .Xauthority and the user's process on the remote machine is not.
it doesn't honor the XAUTHORITY environment variable? hrm. :-/
> What advantage is it to separate the ssh cookie into a separate file
> aside from making it easier to nuke cookies when closing a connection?
specifically, it protects the file's contents when the user's home
directory is in NFS, or AFS. by using a local file, it prevents passive
network sniffing of the Xauth credentials - see Ulrich Flegel's paper on
SSH X11 vulnerabilities for details:
http://rootshell.connectnet.com/docs/ssh-x11.ps.gz
-d.
---
http://www.monkey.org/~dugsong/
More information about the openssh-unix-dev
mailing list