remote xterm - how can I make it work

[Alexander Gottwald]

kumarchi@attbi.com wrote:

> xhost + <remote_machine> 
> and add to the remote control list ( i guess i will put it in .xinitrc)

After reading that and the telnet thing from the first post I _have_ to
add some security notes. 

First: telnet is bad! With telnet everything you enter is sent unprotected
over the network. Everybody on the path between the local and the remote 
host can read all you enter. Even passwords. 

_Instead of telnet, use ssh where possible!_

Using xhost is a security problem too. You allow everyone on the remote host 
to connect to your xserver. This means again he can control the complete 
X11 desktop (and capture any keystrokes). Normally these authentication is
done via a autogenerated password (called cookies). You can show and edit 
this authentication info with the program xauth.

The X11 forwarding option of ssh tries to bypass this vulnerabiltiy. You only 
connect to a virtual xserver to which only _you_ can connect and all network
traffic to the real xserver is encrypted by ssh. So no one on the network can 
listen what you do.  

In short: 

Use ssh!
"ssh -X remotehost" will create a connection to the remote host and set up 
everthing for X11 forwarding. Ever xclient started on the remotehost within 
the session is automaticly forward to your display.


bye
    ago, writing long christmas security information

Merry Christmas to everone on the list!    
    
NP: grauzone.02-12-23
-- 
 Alexander.Gottwald@informatik.tu-chemnitz.de 
 http://www.gotti.org           ICQ: 126018723