Status of Bugzilla #1153
Jefferson Ogata
Jefferson.Ogata at noaa.gov
Wed Feb 22 02:31:25 EST 2006
On 02/21/2006 10:10 AM, Carson Gaspar wrote:
> --On Tuesday, February 21, 2006 11:03 AM +0100 Simon Vallet
> <svallet at genoscope.cns.fr> wrote:
>>OK -- we have globally the following setup here : an external ssh
>>gateway performing X11 forwarding to the internal network -- as this
>>machine is multihomed, a call to gethostname() returns (correctly IMO)
>>the short name of the gateway, which is the value used to set DISPLAY
>>and to add xauth credentials.
>
> No. gethostname() needs to return the (or a) FQDN of the server. Anything
> else is just broken and begging for trouble. This is sysadmin 101.
Not everyone agrees with that opinion.
DNS is just a namespace, after all. It isn't the be-all, end-all of
namespaces, especially given how easy it is to spoof. Consider that
sysadmin 240. :^)
One thing I don't understand: my experience is that ssh uses
localhost:x.0 for the DISPLAY variable. Am I on crack?
--
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
More information about the openssh-unix-dev
mailing list