On Fri, 22 Sep 2017 08:54:30 -0400, Renaud wrote in message
<20170922085430.0b228...@ron.cerrocora.org>:
> On Fri, 22 Sep 2017 14:31:44 +0200
> Arnt Karlsen <a...@iaksess.no> wrote:
>
> > > I don't know how one can prevent you from running ssh -X
> > > root@localhost . Permission to do so is set/unset
> > > in /etc/ssh/sshd_config .
> >
> > ..ok, how?
>
> "X11Forwarding yes" ?
..yep. I may be missing something stupid here:
arnt@d44:~/heads$ ssh -vX root@127.0.0.1
OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.2l 25 May 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/arnt/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/arnt/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
debug1: Remote protocol version 2.0, remote software version
OpenSSH_6.7p1 Debian-5+deb8u3
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat
0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none
debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA
12:04:9e:f4:23:9b:a6:f7:8c:b1:98:72:cd:13:f2:66
debug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/arnt/.ssh/known_hosts:29
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/arnt/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/arnt/.ssh/id_dsa
debug1: Trying private key: /home/arnt/.ssh/id_ecdsa
debug1: Trying private key: /home/arnt/.ssh/id_ed25519
debug1: Next authentication method: password
root@127.0.0.1's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
root@127.0.0.1's password:
arnt@d44:~/heads$
--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
