Secure Shell
Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 20 2010 04:47AM
Jon Price (jonelwoodprice gmail com) (1 replies)
Re: Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 22 2010 06:46AM
Alexander Klimov (alserkli inbox ru) (1 replies)
On Tue, 20 Apr 2010, Jon Price wrote:
> How secure (or insecure) is it to NOT require X11 Authentication but
> DO use ssh/X Forwarding?
>
> I have an application which works a lot easier if X11 Authentication
> is disabled, though I'm still using ssh w. X11 Forwarding.
> But would like to get an idea of the risks.

If you use X11 without authentication, then anyone who can open
an X-connection to your X-server (usually, just a 6000/tcp
connection), can run a keylogger to grab all your keystrokes
(search xquerykeymap for details).

--
Regards,
ASK

[ reply ]
Re: Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 22 2010 06:09PM
Jon Price (jonelwoodprice gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus