Michael writes:
> I can ssh to the firewall directly, but if I attempt to execute the
> /usr/X11/bin/xterm command I get an error that says the display is
> explicitly killed. It looks like ssh does not know where to forward the
> X display when wrappers are included. For testing, hosts.allow contains
>
> sshd : ALL : allow
> ALL: ALL : deny
>
> for both test conditions described above.
>
> Can someone help me fix this? Have I missed something obvious??
man sshd:
----------------------------------------------------------------------
SSH WITH TCP WRAPPERS
When sshd is compiled with tcp wrappers libraries, then the host.allow/deny
files also controls who can connect to ports forwarded by sshd.
The program names in the hosts.allow/deny files are sshdfwd-<portname>,
sshdfwd-<portnumber>, and sshdfwd-X11 for forwarded ports the ssh client or
server is listening.
If the port has name defined then you must use it.
----------------------------------------------------------------------
So add
sshdfwd-X11: ALL : allow
or similar to your hosts.allow file.
--
[EMAIL PROTECTED] Work : +358-9-4354 3218
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
