forked from pool/openssh
ceda754f5a
reviewed ok. OBS-URL: https://build.opensuse.org/request/show/60057 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=7
52 lines
1.6 KiB
Diff
52 lines
1.6 KiB
Diff
Index: ssh_config
|
|
===================================================================
|
|
--- ssh_config.orig
|
|
+++ ssh_config
|
|
@@ -17,9 +17,20 @@
|
|
# list of available options, their meanings and defaults, please see the
|
|
# ssh_config(5) man page.
|
|
|
|
-# Host *
|
|
+Host *
|
|
# ForwardAgent no
|
|
# ForwardX11 no
|
|
+
|
|
+# If you do not trust your remote host (or its administrator), you
|
|
+# should not forward X11 connections to your local X11-display for
|
|
+# security reasons: Someone stealing the authentification data on the
|
|
+# remote side (the "spoofed" X-server by the remote sshd) can read your
|
|
+# keystrokes as you type, just like any other X11 client could do.
|
|
+# Set this to "no" here for global effect or in your own ~/.ssh/config
|
|
+# file if you want to have the remote X11 authentification data to
|
|
+# expire after two minutes after remote login.
|
|
+ForwardX11Trusted yes
|
|
+
|
|
# RhostsRSAAuthentication no
|
|
# RSAAuthentication yes
|
|
# PasswordAuthentication yes
|
|
Index: sshd_config
|
|
===================================================================
|
|
--- sshd_config.orig
|
|
+++ sshd_config
|
|
@@ -87,7 +87,7 @@
|
|
#AllowAgentForwarding yes
|
|
#AllowTcpForwarding yes
|
|
#GatewayPorts no
|
|
-#X11Forwarding no
|
|
+X11Forwarding yes
|
|
#X11DisplayOffset 10
|
|
#X11UseLocalhost yes
|
|
#PrintMotd yes
|
|
Index: sshlogin.c
|
|
===================================================================
|
|
--- sshlogin.c.orig
|
|
+++ sshlogin.c
|
|
@@ -133,6 +133,7 @@ record_login(pid_t pid, const char *tty,
|
|
|
|
li = login_alloc_entry(pid, user, host, tty);
|
|
login_set_addr(li, addr, addrlen);
|
|
+ li->uid=uid;
|
|
login_login(li);
|
|
login_free_entry(li);
|
|
}
|