[CentOS] Problem with export X

Thu Apr 7 01:18:53 UTC 2005
William Hooper <whooperhsd3 at earthlink.net>

Les Mikesell said:
> On Wed, 2005-04-06 at 15:48, William Hooper wrote:
>>>> http://openssh.org/faq.html#3.13
>>> There are probably at least a dozen people somewhere that might
>>> understand that paragraph, but I'm not one of them.  What's the
>>> difference between a trusted and untrusted cookie, and why do I need
>>> to care now?  (I think this relates to when -X works from the client
>>> and when -Y is necessary, but maybe not...).
>> As "man ssh_config" states "See the X11 SECURITY extension
>> specification for full details on the restrictions imposed on untrusted
>> clients."  This is really an option that SSH passes to xauth.
> Thanks, but you still lost me at 'untrusted'.  What makes a client
> trusted or not?

As it pertains to SSH, 'untrusted' is anything you forward with
"ForwardX11Trusted no".

> If it's left up to me to decide, why would I run an
> untrusted one at all?

You don't trust the admin of the server you are SSHing into.

William Hooper