Re: ssh and X11 question: tcp_wrappers?

To: Colin Telmer <telmerco@telmer.com>
Cc: Debian Users <debian-user@lists.debian.org>
Subject: Re: ssh and X11 question: tcp_wrappers?
From: Adam Shand <larry@alaska.net>
Date: Thu, 12 Nov 1998 15:23:50 -0900 (AKST)
Message-id: <[🔎] Pine.LNX.4.05.9811121519200.10584-100000@badger.alaska.net>
In-reply-to: <[🔎] Pine.LNX.3.96.981112181041.1242A-100000@telmer.com>

> Hi, when I ssh to another sshd machine, I can't forward X11
> connections back to the machine where I am logged into the console. I
> always get the following error message:

this means (surprise, surprise) that tcp_wrappers is denying the forwarded
x session.  what i do is restrict ssh via tcp_wrappers and then add this
line (using the logic that if they can ssh to my box and log in i'm happy
for them to forward x sessions back to their box).

in your hosts.allow file you need to add this line (on the box you are
ssh'd *into*) if you are using tcp_wrappers in advanced mode:

sshdfwd-X11: ALL : ALLOW

or if you are in normal mode (standard debian i believe):

sshdfwd-X11: ALL@ALL

adam.

------------------------ Internet Alaska ------------------------
 4050 Lake Otis Pkwy	   Adam  Shand	     (v) +1 907 562 4636
 Anchorage, AK 99508     Technical  Lead     (f) +1 907 562 4807
--------------------- http://www.spack.org/ ---------------------

    "Computers are useless.  They can only give you answers."
			- Pablo Picasso -

Reply to:

References:
- ssh and X11 question: tcp_wrappers?
  - From: Colin Telmer <telmerco@telmer.com>

Prev by Date: Re: /dev/cdrom problem
Next by Date: Re: xterm-debian
Previous by thread: ssh and X11 question: tcp_wrappers?
Next by thread: HELP slink upgrade: netscape: locale `C' not supported
Index(es):
- Date
- Thread