Secure Shell
Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 20 2010 04:47AM
Jon Price (jonelwoodprice gmail com) (1 replies)
Re: Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 22 2010 06:46AM
Alexander Klimov (alserkli inbox ru) (1 replies)
Re: Allow NON-Authenticated X11 Connections - How insecure/secure? Apr 22 2010 06:09PM
Jon Price (jonelwoodprice gmail com)
Hi,

You said...
If you use X11 without authentication, then anyone who can open
> an X-connection to your X-server (usually, just a 6000/tcp
> connection), can run a keylogger to grab all your keystrokes
> (search xquerykeymap for details).
>

But I will use ssh with X11 Forwarding. The "X11 Authentication" being
disabled is what I'm asking about.

Won't the ssh w X11 Forwarding protect me against scenarios like the
one you describe?

Thanks,
Jon

On Thu, Apr 22, 2010 at 2:46 AM, Alexander Klimov <alserkli (at) inbox (dot) ru [email concealed]> wrote:
> On Tue, 20 Apr 2010, Jon Price wrote:
>> How secure (or insecure) is it to NOT require X11 Authentication but
>> DO use ssh/X Forwarding?
>>
>> I have an application which works a lot easier if X11 Authentication
>> is disabled, though I'm still using ssh w. X11 Forwarding.
>> But would like to get an idea of the risks.
>
> If you use X11 without authentication, then anyone who can open
> an X-connection to your X-server (usually, just a 6000/tcp
> connection), can run a keylogger to grab all your keystrokes
> (search xquerykeymap for details).
>
> --
> Regards,
> ASK
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus