[Fwd: Re: X-windows security in Gnome]
David F. Newman
dnewman at maraudingpirates.org
Sat May 18 07:43:09 EST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 17 May 2002 05:13 pm, Nicolas.Williams at ubsw.com wrote:
> The "integration" of SSH with apps is already there.
>
> Read the OpenSSH [or other SSH implementation's] man pages and the SSHv2
> specs. RTFM!
>
> Essentially SSH supports tunneling of X11 traffic. The SSH daemon is
> responsible for creating a local X11 display endpoint and setting the
> DISPLAY environment variable appropriately, then the apps you run in SSH
> sessions with X11 forwarding do the right thing and open a display which is
> really the SSH daemon and which proxies back-and-forth to the SSH client,
> which then proxies back and forth to its DISPLAY.
>
[snip]
IMHO, I wouldn't call that "integrated". ssh is an external tool which
provides a tunnel for the X traffic. I would consider it integrated if the X
server itself talked SSH as well as the core X libraries. X clients would
connect to <someotherhost>:0 instead of <localhost:10> and the X libraries
would transparently use the SSH protocol if available.
This would be analogous to a non-SSL aware mail client using stunnel to access
an SSL imap mailbox. If the mail client to talk SSL natively to the server
without anything in between then you could call it integrated.
- -Dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (SunOS)
iD8DBQE85Xlxu3B/p4jCw/IRAtNwAKCIYKLbmiT0lY6Q27L1kHFQldSQ3QCfRDm+
Wam0KRzwdx+W1GSmOQqodg4=
=KUkw
-----END PGP SIGNATURE-----
More information about the openssh-unix-dev
mailing list