Subject: Re: Ian's Xkernel
To: Bob Beck <>
From: Curt Sampson <>
List: port-sun3
Date: 04/10/1997 15:08:58
On Thu, 10 Apr 1997, Bob Beck wrote:

> 	Only if it's not booting dickless. Otherwise the keys to the
> kingdom are exposed via NFS :-)

I've not done a detailed analysis of this. Just off the top of my
head, however, it seems to me that there are two major advantages
this gets you, even if you make the secret key for that workstation
publically available.

1. If you convince it to, it should be able to run X *only* over
the SSH connection, not accepting connections from anywhere else.
This means that you remove a whole host of problems relating to
foreign clients attaching to your X terminal and doing something
nasty (like sniffing keystrokes). Another machine can't fake being
the server that the X terminal boots from, because it would have
to know that server's private key.

2. It becomes significantly more difficult to eavesdrop on the
passing back and forth between the two machines, and impossible
after a new session key is generated (I think). If sshd could be
told to generate a new session key immediately after a connect by
an X terminal, you'd have no way of finding out the old session

#1 is the really important thing if I want to run X terminals on
my network, since my hub provides protection against sniffing

Curt Sampson	   Info at
Internet Portal Services, Inc.	   Through infinite myst, software reverberates
Vancouver, BC  (604) 257-9400	   In code possess'd of invisible folly.