View | Details | Raw Unified | Return to bug 17566
Collapse All | Expand All

(-)ssh.1 (-4 / +5 lines)
Lines 207-220 Link Here
207 
.Pp
 207 
.Pp
208 
If the user is using X11 (the
 208 
If the user is using X11 (the
209 
.Ev DISPLAY
 209 
.Ev DISPLAY
210 
environment variable is set), the connection to the X11 display is
 210 
environment variable is set), the connection to the X11 display can
211 
automatically forwarded to the remote side in such a way that any X11
 211 
be forwarded to the remote side in such a way that any X11
212 
programs started from the shell (or command) will go through the
 212 
programs started from the shell (or command) will go through the
213 
encrypted channel, and the connection to the real X server will be made
 213 
encrypted channel, and the connection to the real X server will be made
214 
from the local machine.  The user should not manually set
 214 
from the local machine.  The user should not manually set
215 
.Ev DISPLAY .
 215 
.Ev DISPLAY .
216 
Forwarding of X11 connections can be
 216 
Forwarding of X11 connections weakens the security of ssh and is
217 
configured on the command line or in configuration files.
 217 
disabled by default.  X11 forwarding can be enabled on the command line
218 
or in configuration files.
218 
.Pp
 219 
.Pp
219 
The
 220 
The
220 
.Ev DISPLAY
 221 
.Ev DISPLAY
(-)sshd.8 (-3 / +1 lines)
Lines 480-488 Link Here
480 
The default is 10.
 480 
The default is 10.
481 
.It Cm X11Forwarding
 481 
.It Cm X11Forwarding
482 
Specifies whether X11 forwarding is permitted.  The default is
 482 
Specifies whether X11 forwarding is permitted.  The default is
483 
.Dq yes .
 483 
.Dq no .
484 
Note that disabling X11 forwarding does not improve security in any
485 
way, as users can always install their own forwarders.
486 
.El
 484 
.El
487 
.Sh LOGIN PROCESS
 485 
.Sh LOGIN PROCESS
488 
When a user successfully logs in,
 486 
When a user successfully logs in,

Return to bug 17566