Subject: Re: ssh - are you nuts?!?
To: None <firstname.lastname@example.org>
From: Luke Mewburn <email@example.com>
Date: 12/21/2000 00:45:59
On Wed, Dec 20, 2000 at 05:35:32AM -0800, firstname.lastname@example.org wrote:
> > I've never had any trouble. In fact, I received your message via a
> > forwarded POP3 connection, and will send the reply via a forwarded SMTP
> > connection....
> I guess I should be clearer. For a professional like yourself,
> this seems to be a good "thing". But in practice, isn't this feature
> more of rarity for the average user? Given, of course, that SSH2
> is not really that pervasive?
ssh port forwarding is present in SSHv1. A lot of people use ssh port
forwarding and ssh X11 port forwarding & X11 cookie munging, even in
One of the more difficult problems in using X11 ``securely'' between
machines is passing xauth cookies and $DISPLAY variables between
hosts. Many years ago I devised a scheme (*) to encode $DISPLAY and the
xauth cookie into $TERM to abuse the $TERM passing in rlogin and
telnet. However, this wasn't a very optimal solution, and ssh does a
much better job of doing this. ssh also creates a `per session' xauth
cookie which is useful if your X server runs for a long time and you
only want to maintain a valid xauth cookie for the duration of that
session (as opposed for the duration of the X servers life, which may
be much greater than the time that you were connected to any given
(*) and I know other people did similar hacks over the years.
Mine managed to fit $DISPLAY and the xauth data and $TERM into
~ 63 bytes of ASCII text, but required the remote machine have a
perl script to decode $TERM back into $TERM/$DISPLAY/xauth.
Once I started using ssh a few years ago my use of this hack
effectively stopped :-)
Luke Mewburn <email@example.com> http://www.wasabisystems.com
Luke Mewburn <firstname.lastname@example.org> http://www.netbsd.org
Wasabi Systems - providing NetBSD sales, support and service.