Hi, On 2021-06-29 2:43 p.m., Greg Wooledge wrote:
> DO NOT USE xhost + WITH ssh -X OR ssh -Y > > That was the fucking point. WoW... Take it *easy* there... > Now, if you want to advocate that people should use xhost + because I never talked about xhost myself. And the only thing I said was that by learning how things work from the inside out, you'll be able to fully understand problems that may arise when ssh -X does not do what you want automatically. > that's how you learned things back in the early 1990s, that's your right, > but I hope you will at least point out how INCREDIBLY INSECURE this is, I never said in no situation something like "use xhost +". The same way as I never said to unblock all the ports on your router or to let everyone have access to *sudo* on a server. > > Even then, you wouldn't combine it with ssh -X. xhost + and manually > overriding DISPLAY bypasses the ssh encryption layer entirely. It also > involves starting the X server with a non-default option, so it's quite > a lot more work than using ssh -X. Which is good. We wouldn't want the > horribly broken way to be the easy way. > I never said anything related to using DISPLAY and / or xhost with ssh. Maybe if you read what it is said in the complete context, then you may start to get a beginning of a understanding. You are *messing up* two things. The first : I suggested to read some book, someone else gave some good references for books name as I only suggested "X11 books from O'Reilly". The second : I suggested to learn on how does X11 networking infrastructure work. And this is how does a client know where to display using the DISPLAY variable and how does X11 authenticate client. *As you can see, there's no indication of using xhost* The third : This thread suggested to use ssh -X for using a X client and X server on different machine. As a easier way around. The fourth : I suggested to still learn the inner working of X authentication so that if a problem arise with ssh -X then you'll be able to do some diagnostic yourself. The fifth : You show up and....(whatever) -- Polyna-Maude R.-Summerside -Be smart, Be wise, Support opensource development
OpenPGP_signature
Description: OpenPGP digital signature