SSH & xauth (fwd)

Mike Fisk mfisk at
Sat Mar 4 06:08:19 EST 2000

On Fri, 3 Mar 2000, Sean Aaron Lisse wrote:

> > I have a suggestion that I think would be useful to implement.
> > People who have seen the Firewall Toolkit's X proxy will find this
> > suggestion familiar.  The fwtk provides a small proxy that users set their
> > DISPLAY to.  Whenever a new connection is initiated to that proxy, the
> > proxy pops-up a dialog box on the user's real DISPLAY.  The user must
> > agree to accept that incoming connection before the proxy will forward the
> > data from it.
> My main objection to this would be that it's dependent upon the dialog-box
> program's presence.  You're tying down X forwarding to the
> presence/absence of another (perhaps machine-specific!) program in the
> system, and perhaps the compilation of SSH to the presence of X at all.
>  Not a wonderful idea for a uniform text-based suite like SSH.  I'd have
> no problems at all if SSH was originally designed to be GUI with adding
> another dialog box.  Since it's not, however, I'd argue against it.

I wasn't been paying complete attention, but there have been some threads
on this list about the X programs (ssh-askpass, etc.) that prompt for
passwords.  I would assume that this dialog box would be provided the same
way that that functionality is provided (however that is or isn't

The client could issue a text prompt in the tty, but that disrupts
whatever output is on that window (which might also be iconified and

Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National Lab
See for contact information

More information about the openssh-unix-dev mailing list