disable features
David Terrell
dbt at meat.net
Tue Oct 30 10:50:57 EST 2001
On Mon, Oct 29, 2001 at 03:25:52PM -0800, David Terrell wrote:
> On Wed, Oct 24, 2001 at 06:56:42PM +0200, Markus Friedl wrote:
> >
> > both agent and x11 forwarding are off by default since they allow
> > access to local resource from the remote machine where the sshd is
> > running.
> >
> > enable agent and x11 forwarding only if you trust the remote server.
>
> Is there any reason why they are disabled in the server, since they
> pose no particular additional security risks to the server itself?
> I'd rather see them on by default in the server and off by default
> in the client, since the client is both more at risk and easier to
> selectively enable.
sorry, please disregard.
I really shouldn't respond to anything when I'm catching up on list
traffic from the previous week...
--
David Terrell | "The reasons for my decision to quit were myriad, but
Nebcorp PM | central to the decision was the realization that there are
dbt at meat.net | two kinds of companies: Good ones ask you to think for
wwn.nebcorp.com | them. The others tell you to think like them." -Benjy Feen
More information about the openssh-unix-dev
mailing list