[olug] Remote deskstop

Brian Wiese bwiese at cotse.com
Sat Jul 13 13:03:26 UTC 2002


On Sun, 07 Jul 2002 10:08:27 -0500
Chris Garrity <m0ntar3 at cox.net> wrote:

|Isn't it the case that when connected to a *nix via ssh and then execute 
|something like "xterm," the remote X application looks back to the local 
|X server on port 6000 (which is not encrypted)? The initial connection 
|via ssh is encrypted, however the connection between the remote X client 
|and the local X server is not encrypted.
|

Actually, I believe you are correct with this.  I remember reading a
security alert awhile ago that mentioned this "unencrypted local"
connection.  I'm not sure if its exploitable remotely or not, I just
remember hearing about it.  Sorry I cannot provide more info. /.02

|Jordan Wilberding wrote:
|
|>Hello,
|>
|>Actually you can run VNC through a ssh tunnel which does encrypt it 
|>and make it secure. Also, my password is 11 characters long so I don't
|>think there is a limit. By the way, I use TightVNC.
|>
|>-Jordan Wilberding


  Brian Wiese | bwiese at cotse.com | aim: unolinuxguru
------------------------------------------------------
  GnuPG/PGP key 0x1E820A73 | "FREEDOM!" - Braveheart 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

For help contact olug-help at olug.org - run by ezmlm
to unsubscribe, send mail to olug-unsubscribe at olug.org
or `mail olug-unsubscribe at olug.org < /dev/null`
(c)1998-2002 OLUG http://www.olug.org

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_




More information about the OLUG mailing list