summaryrefslogtreecommitdiff
path: root/ssh.1
diff options
context:
space:
mode:
Diffstat (limited to 'ssh.1')
-rw-r--r--ssh.115
1 files changed, 14 insertions, 1 deletions
diff --git a/ssh.1 b/ssh.1
index a7ff8d731..d7cc83c1b 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.202 2005/03/01 14:47:58 jmc Exp $ 37.\" $OpenBSD: ssh.1,v 1.203 2005/03/02 02:21:07 djm Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
@@ -831,10 +831,23 @@ Users with the ability to bypass file permissions on the remote host
831(for the user's X authorization database) 831(for the user's X authorization database)
832can access the local X11 display through the forwarded connection. 832can access the local X11 display through the forwarded connection.
833An attacker may then be able to perform activities such as keystroke monitoring. 833An attacker may then be able to perform activities such as keystroke monitoring.
834.Pp
835For this reason, X11 forwarding is subjected X11 SECURITY extension
836restrictions by default.
837Please refer to the
838.Nm
839.Fl Y
840option and the
841.Cm ForwardX11Trusted
842directive in
843.Xr ssh_config 5
844for more information.
834.It Fl x 845.It Fl x
835Disables X11 forwarding. 846Disables X11 forwarding.
836.It Fl Y 847.It Fl Y
837Enables trusted X11 forwarding. 848Enables trusted X11 forwarding.
849Trusted X11 forwardings are not subjected to the X11 SECURITY extension
850controls.
838.El 851.El
839.Sh CONFIGURATION FILES 852.Sh CONFIGURATION FILES
840.Nm 853.Nm