View Single Post
Old 19th December 2008
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

Quote:
Originally Posted by robbak View Post
Why do you keep messing around with X11UseLocalhost???? Leave it as the default.

From my quick read of man sshd_config, that variable tells ssh (that is the local client) whether it should bind to the local X11 server on the ssh client, or forward the requests to some other X server on the local network. man sshd tells me that generally there is some scripting magic to set X11UseLocalHost based on what DISPLAY is set to on the local system anyway.
Actually, X11UseLocalhost doesn't change which X server is used, it just changes which IPort the proxy X server binds to, and which IPort is used for the DISPLAY environment variable.

With X11UseLocalhost set (the default), the proxy X server binds to 127.0.0.1:6010 and DISPLAY is set to localhost:10.0. With X11UseLocalhost disabled, the proxy X server binds to *:6010 (binds to port 6010 on all IPs) and the DISPLAY is set to :10.0.

The first setting is more secure as only processes running on the system can use the forwarded X port. The second setting is less secure, and any process (local or remote) can (potentially) connect to the forwarded X port.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote