View previous topic :: View next topic |
Author |
Message |
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3625
|
Posted: Sat Nov 19, 2022 10:56 am Post subject: ssh -X between 2 gentoo boxes possible? |
|
|
ssh -Y works fine here.
Expecte to be saferkeeps on failing as Code: | debug2: client_x11_get_proto: xauth command: /usr/bin/xauth -f /tmp/ssh-XXXXXX64ysLI/xauthfile generate :0 MIT-MAGIC-COOKIE-1 untrusted timeout 1260 2>/dev/null
Warning: untrusted X11 forwarding setup failed: xauth key data not generated | whether xorg-server[xcsecurity] openssh[X] are activated or not on the remote along with Code: | X11Forwarding yes
X11UseLocalhost no | changes from default remote /etc/ssh/sshd_config.
These USE flags aren't activated on the client though.
Am I missing something or should I stay with -Y?
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here.
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3625
|
Posted: Fri Dec 09, 2022 4:52 pm Post subject: Re: ssh -X between 2 gentoo boxes possible? |
|
|
CaptainBlood wrote: | ssh -Y works fine here.
Code: | X11Forwarding yes
#X11UseLocalhost yes | changes from default remote /etc/ssh/sshd_config.
| Plz note default Code: | #X11UseLocalhost yes | is required for a straightforward -Y option working solution.
My apologizes.
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here.
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Fri Dec 09, 2022 7:13 pm Post subject: |
|
|
Do you know that 'ssh -Y' and 'ssh -X' are dangerous?
Everyone who has access to the remote account on the remote machine can take screenshots of your local machine and can log all keys you press, even if you are working in a local application.
No problem if you are the only one who has access to the remote machine. But internet banking or maintaining your local password database while being connected with ssh -X/-Y to a students' server on a university campus is probably a bad idea... |
|
Back to top |
|
|
toralf Developer
Joined: 01 Feb 2004 Posts: 3922 Location: Hamburg
|
Posted: Fri Dec 09, 2022 9:03 pm Post subject: |
|
|
mike155 wrote: | Do you know that 'ssh -Y' and 'ssh -X' are dangerous?
Everyone who has access to the remote account on the remote machine can take screenshots of your local machine and can log all keys you press, even if you are working in a local application.
|
I'm wondering how this has to be made. |
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Fri Dec 09, 2022 10:52 pm Post subject: |
|
|
It's so easy you won't believe it.
Let's ssume...
- I create a local user 'toralf' on my machine
- You run an X server on your machine (no wayland compositor)
- You use "ssh -Y" to log in from your machine to user 'toralf' on my machine.
All I have to do on *my* machine is:
- su - toralf
- xwd -root > a.dump
- gimp a.dump
That gives me a full screenshot of *your* X11 session: I can see *your* root window and all windows that are opened on your screen. |
|
Back to top |
|
|
|