I've noticed that disabling X11 Forwarding in the config file does not
disable it. But, if you disable it when you compile, then it is truly
disabled.

Michael Hulet
Network System Administrator
ITTC, University of Kansas

On Wed, 13 Oct 1999, Seann Dorand wrote:
>
> I noticed that sshd listens on ports 60xx in addition to port 22. I would
> assume that this is of course for x-forwarding.
>
> If I DISABLE x11forwarding and restart SSH, it still listens on port 60xx.
> Each additional incoming SSH session creates yet another listener on 60xx+1.
>
> Does anyone know why it is creating these listeners? If it is definitely
> for X11 forwarding, and X11 forwarding is disabled via the config file, why
> does it still listen on these ports?
>
> Better yet, how is access control performed for these ports? Does SSH check
> its "allowed hosts" for incoming connections to that port?
>
> I find the implications of this disturbing. Running SSHD on a firewall
> starts other ports listening in the 60xx range. Worse yet, connecting to
> these ports remotely doesn't log anything via syslog and who knows if
> there's any way to compromise security via this port.
>
> Has anyone else noticed this behavior? Is this a known issue?
>
> ----------------------------------------------------------------------------
> | Seann Dorand | E-mail : [EMAIL PROTECTED] |
> | Network Systems Engineer | Pager : (888) 796-2341 |
> | International Network Services | Phone : (610) 313-4100 |
> | 2500 Renaissance Blvd, Suite 300 | Fax : (610) 313-4125 |
> | King of Prussia, PA 19406 | "The Knowledge Behind the Network" |
> ----------------------------------------------------------------------------
>
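
A defender-side check for the behaviour discussed in this thread, added here as an example and not part of either poster's message: it reports sshd-owned listeners in the 60xx range while the config file has X11Forwarding set to no, and marks which of them are bound to a non-loopback address. The `ss -tlnp` output and the sshd_config fragment are constructed samples, the function names are hypothetical, and taking the first uncommented X11Forwarding line as the effective value is an assumption.

```python
import re

# Added example; function names are hypothetical, sample data is constructed.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 0.0.0.0:6010 0.0.0.0:* users:(("sshd",pid=2301,fd=9))
LISTEN 0 128 127.0.0.1:6011 0.0.0.0:* users:(("sshd",pid=2411,fd=9))
LISTEN 0 5 0.0.0.0:6000 0.0.0.0:* users:(("Xorg",pid=900,fd=1))
"""
# Constructed sshd_config fragment.
SAMPLE_CONFIG = """\
# X11Forwarding yes
Port 22
X11Forwarding no
"""
LOOPBACK = ("127.", "[::1]", "::1")

def x11_forwarding_setting(config_text):
    """Return the first uncommented X11Forwarding value (assumed effective), or None."""
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0].lower() == "x11forwarding":
            return parts[1].lower()
    return None

def sshd_x11_listeners(ss_text, lo=6000, hi=6099):
    """Return (address, port, pid, reachable_remotely) for sshd sockets in 60xx."""
    found = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "LISTEN":
            continue  # header line or a socket without process info
        addr, _, port = fields[3].rpartition(":")
        proc = re.search(r'\(\("([^"]+)",pid=(\d+)', fields[5])
        if not port.isdigit() or not proc or proc.group(1) != "sshd":
            continue  # not owned by sshd (e.g. a local X server on 6000)
        if lo <= int(port) <= hi:
            found.append((addr, int(port), int(proc.group(2)),
                          not addr.startswith(LOOPBACK)))
    return found

def audit(config_text, ss_text):
    """List sshd 60xx listeners that exist although the config disables forwarding."""
    if x11_forwarding_setting(config_text) != "no":
        return []
    return sshd_x11_listeners(ss_text)
```

On a live host, pass the text of the sshd config file and the output of `ss -tlnp` (run as root so process names are shown) to `audit()`.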