disable features
David Terrell
dbt at meat.net
Tue Oct 30 10:25:52 EST 2001
On Wed, Oct 24, 2001 at 06:56:42PM +0200, Markus Friedl wrote:
>
> both agent and x11 forwarding are off by default since they allow
> access to local resource from the remote machine where the sshd is
> running.
>
> enable agent and x11 forwarding only if you trust the remote server.
Is there any reason why they are disabled in the server, since they
pose no particular additional security risks to the server itself?
I'd rather see them on by default in the server and off by default
in the client, since the client is both more at risk and easier to
selectively enable.
--
David Terrell | "Any sufficiently advanced technology
Prime Minister, Nebcorp | is indistinguishable from a rigged demo."
dbt at meat.net | - Brian Swetland
http://wwn.nebcorp.com/
More information about the openssh-unix-dev
mailing list