Bureaucrats, cc_docs_admin, cc_staff
2,879
edits
SSH configuration file: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 29: | Line 29: | ||
* <code>ForwardX11Trusted yes</code> | * <code>ForwardX11Trusted yes</code> | ||
* <code>ForwardAgent yes</code> | * <code>ForwardAgent yes</code> | ||
in the corresponding sections of your configuration file. | in the corresponding sections of your configuration file. However, we do not recommend doing so in general, for these reasons: | ||
* Enabling X11 forwarding by default for all of your connections can slow down your sessions, especially if your X11 client on your computer is misconfigured. | |||
Similarly, while forwarding your SSH agent is convenient | * Similarly, while forwarding your SSH agent is convenient and more secure than typing a password on a remote computer, it still comes with a risk. Should the server to which you are connecting to be compromised, a privileged user (<code>root</code>) could use your agent and connect to another host without your knowledge. That is why we recommend to use agent forwarding ''only'' when you need it. We also recommend that if you use this feature, you should combine it with <code>ssh-askpass</code>, so that any use of your SSH agent triggers a prompt on your computer, preventing usage of your agent without your knowledge. | ||
[[Category:Connecting]] | [[Category:Connecting]] | ||
</translate> | </translate> | ||