On 06/26/2015 12:16 AM, Alexandru Chiscan wrote: > Do not use that because any user logged on the server can connect to > your X server display and snoop what you are doing, open windows etc. > > -Y disables all the X server authentication mechanisms > (http://www.x.org/wiki/Development/Documentation/Security/) Not authentication, only SECURITY. Any "root" user can connect to your X11 server, whether you use -X or -Y, since they can read your .Xauthority file. Users who cannot read your .Xauthority file cannot connect at all. The difference between trusted and untrusted is that trusted clients can snoop keyboard events or window contents. Untrusted clients cannot do that. However, on Fedora, ForwardX11Trusted is "yes" by default (see ssh_config), so -X and -Y do the same thing.