[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#327443: X Forwarding broken on IPv6 systems without X11UseLocalhost



Le samedi 10 septembre 2005 07:19, vous avez écrit :
> Package: ssh
> Version: 1:3.8.1p1-8.sarge.4
>
> Turns out that if X11UseLocalhost is disabled, sshd will only bind to
> the X11 port on one of the local IPv6 addresses (might bind to
> several, but I haven't tested that), rather than ::/IN6ADDR_ANY_INIT.
> As a result IPv4-only X clients *cannot* connect as only :: receives
> IPv4-mapped connections.
>
> OTOH when X11UseLocalhost is enabled, the current version binds to
> both 127.0.0.1 and ::1, and as a result all X clients can connect. So
> I'm actually happy since this configuration is both more functional
> and more secure.

I cannot reproduce this on Sarge. sshd binds to :: port 6010+ when 
X11UseLocalhost is disabled, so IPv4 clients should be accepted through 
IPv4-mapped addresses. How many (and which scopes) do your IPv6 
addresses have on the server?

-- 
Rémi Denis-Courmont

Attachment: pgpMwA3lg6VJ4.pgp
Description: PGP signature


Reply to: