YupYup Non. | Code :
- X11 and TCP forwarding
- If the ForwardX11 variable is set to ``yes'' (or, see the description of
- the -X and -x options described later) and the user is using X11 (the
- DISPLAY environment variable is set), the connection to the X11 display
- is automatically forwarded to the remote side in such a way that any X11
- programs started from the shell (or command) will go through the
- encrypted channel, and the connection to the real X server will be made
- from the local machine. The user should not manually set DISPLAY. For
- warding of X11 connections can be configured on the command line or in
- configuration files.
- The DISPLAY value set by ssh will point to the server machine, but with a
- display number greater than zero. This is normal, and happens because
- ssh creates a ``proxy'' X server on the server machine for forwarding the
- connections over the encrypted channel.
- ssh will also automatically set up Xauthority data on the server machine.
- For this purpose, it will generate a random authorization cookie, store
- it in Xauthority on the server, and verify that any forwarded connections
- carry this cookie and replace it by the real cookie when the connection
- is opened. The real authentication cookie is never sent to the server
- machine (and no cookies are sent in the plain).
- If the user is using an authentication agent, the connection to the agent
- is automatically forwarded to the remote side unless disabled on the com
- mand line or in a configuration file.
- Forwarding of arbitrary TCP/IP connections over the secure channel can be
- specified either on the command line or in a configuration file. One
- possible application of TCP/IP forwarding is a secure connection to an
- electronic purse; another is going through firewalls.
|
rtfm. ---------------
"The marketing guys said the HP-35 would be a failure because it was too small, and then we couldn't make them fast enough to meet the demand. The marketing folks don't know everything." - Bill Hewlett
|
