Bug#280190: ssh: typo in README.Debian wrt. ForwardX11Trusted

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#280190: ssh: typo in README.Debian wrt. ForwardX11Trusted
From: Faheem Mitha <faheem@email.unc.edu>
Date: Sun, 07 Nov 2004 17:22:43 -0500
Message-id: <[🔎] E1CQvQp-0003T3-00@Chrestomanci>
Reply-to: Faheem Mitha <faheem@email.unc.edu>, 280190@bugs.debian.org

Package: ssh
Version: 1:3.8.1p1-8.sarge.2
Severity: minor

/usr/share/doc/ssh/README.Debian says

**********************************************************************
OpenSSH 3.8 invented ForwardX11Trusted, which when set to no causes the
ssh client to create an untrusted X cookie so that attacks on the
forwarded X11 connection can't become attacks on X clients on the remote
machine. However, this has some problems in implementation - notably a
very short timeout of the untrusted cookie - breaks large numbers of
existing setups, and generally seems immature. The Debian package
therefore sets the default for this option to "no" (in ssh itself,
rather than in ssh_config).
***********************************************************************

I think the "no" in the second to last line of that para should be "yes",
since in fact "ForwardX11Trusted yes" is the default, and otherwise the para
does not make sense.

                                                             Faheem.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.4.27.040914
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages ssh depends on:
ii  adduser                     3.59         Add and remove users and groups
ii  debconf                     1.4.30.8     Debian configuration management sy
ii  dpkg                        1.10.23      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-18 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-22      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7d-5     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-1    compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
  ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
  ssh/disable_cr_auth: false
* ssh/privsep_tell:
  ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true

Reply to:

Follow-Ups:
- Bug#280190: ssh: typo in README.Debian wrt. ForwardX11Trusted
  - From: Colin Watson <cjwatson@debian.org>
- Bug#280190: marked as done (ssh: typo in README.Debian wrt. ForwardX11Trusted)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#88337: Fw: shinto
Next by Date: Bug#280190: ssh: typo in README.Debian wrt. ForwardX11Trusted
Previous by thread: Bug#88337: Fw: shinto
Next by thread: Bug#280190: ssh: typo in README.Debian wrt. ForwardX11Trusted
Index(es):
- Date
- Thread