On Wed, 31 Jan 2007 09:54:30 +1100 "Amos Shapira" <[EMAIL PROTECTED]> wrote:
> On 31/01/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > you can also get around it with: > > AllowTcpForwarding yes <-- I assume the default of this is no as > > well. > > > I forgot about that one but the manual says that the default is > "yes". You still need to enable the X11Forwarding which is a separate > flag as you stated. > > but would have to deal with the security yourself in that case. > > > > You already seem to have your X server listening on a TCP port so > > you are OK there (the default these > > days is to use a unix socket I think) > > > That's not relevant - once the X11 connection is forwarded to the > local ssh client, the ssh client can use UNIX-domain sockets to > connect to the local X11 server just like any other local X11 client. > > If all of that fails then the sshd -ddd looks like a plan to me, use a > > different port (e.g. -p 5022) - you will need to run this after you > > ssh'ed in of course. > > > And make sure the port is accessible through any firewall on the way > (you DO have iptables set up, do you?) closed down on Misty as part of the investigation. I'm behind a NAT router with all of these machines so it seems minimal risk. Alan > > Cheers, > > --Amos > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyree http://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670 Mobile: +61 427 486 206 Fax: +61 2 4782 7092 FWD: 615662 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html