[CentOS] remote ssh to machine how display firefox

Bill Campbell centos at celestial.com
Fri Dec 7 23:46:14 UTC 2007


On Fri, Dec 07, 2007, Les Mikesell wrote:
>Karanbir Singh wrote:
>
>>>>>ssh -X <machine to connect to> firefox
>>>>you prolly meant -Y :D
>>>>
>>>Ok well just double checked and tested it here and -X works here.  I
>>>knew about -Y but thought you only use that if you absolutely have too :)
>>
>>the reason I would prefer -Y is that its ( well, the man page says
>>anyway ) more secure than -X. Also, these days a lot of admins will
>>disable -X functionality on machines. Have not come across anywhere -Y
>>didnt work ( and the host OS was installed in the last 5 years ).
>>
>>I am not doubting that -X will mostly work, but perhaps we should be
>>promoting the idea of -Y a bit more.
>
>Coming from a fedora client, you have had to specify -Y for a while for 
>most things to work.  But I don't think the man page makes it very clear 
>what the difference is.  What's a 'trusted' forwarding mean as opposed 
>to any other kind?

This is controlled by setting ForwardX11Trusted yes|no in the ssh_config
file so my guess is that earlier versions of Fedora didn't set this.

I first ran into a problem with this when connecting to a FreeBSD 4.8
system.  It took me a while to figure out why X11 clients didn't work from
my Linux desktops.  The strange thing was that xeyes would work, but xterms
would not.

Bill
--
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

But how is this legal plunder to be identified? Quite simply. See if the
law takes from some persons what belongs to them, and gives it to other
persons to whom it does not belong. See if the law benefits one citizen at
the expense of another by doing what the citizen himself cannot do without
committing a crime. -- Frederic Bastiat, The Law



More information about the CentOS mailing list