Red Hat Bugzilla – Bug 150262
SSH client should use trusted X forwarding by default if asked for X forwarding
Last modified: 2007-11-30 17:07:16 EST
OpenSSH now defaults to no X forwarding which is right because using X
forwarding when ssh-ing to untrusted server could allow attacker to
gain access to the client's machine.
However when ssh is asked to enable X forwarding (by -X option or
ForwardX11 yes in configuration file) it will use X security extension
which will make most X applications break with cryptic error messages.
This makes X forwarding unusable. The option 'ForwardX11Trusted yes'
should be added to the configuration file so the -X option works as
expected enabling full trusted X forwarding.
See also bug 137685.
Adding the bug alias "rhel4-x11forwarding" to make it easier to close
bugs as duplicates of this master bug.
*** Bug 150184 has been marked as a duplicate of this bug. ***
Fix confirmed with openssh-3.9p1-8.RHEL4.4 which is included in RHBA-2005:046.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
*** Bug 148819 has been marked as a duplicate of this bug. ***
*** Bug 171966 has been marked as a duplicate of this bug. ***