Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ssh_config: document ForwardAgent and ForwardX11... 

...Previously they were no without explanation, but it never hurts to
explicitly have comments on not doing that, I didn't quickly find
anything nice for ForwardAgent, but I remember the Matrix.org people
somehow avoiding hearing it and ForwardX11 first result was that
StackExchange.
This commit is contained in:
Mikaela Suomalainen 2020-05-22 14:36:26 +03:00
parent d8d48508bd
commit 856085bd74
No known key found for this signature in database
GPG Key ID: 440D764E4F4A6C2D
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
etc/ssh/ssh_config
View File

@ -15,7 +15,10 @@ Host *
# closed. # closed.
ControlPersist yes ControlPersist yes
# SSH Agent forwarding is behind a lot of security breaches, never do it
# Most recently https://github.com/matrix-org/matrix.org/issues/371
ForwardAgent no ForwardAgent no
# Never do that either https://security.stackexchange.com/a/14817/234532
ForwardX11 no ForwardX11 no
# Debian sets this as yes, upstream no. TODO: What is it? # Debian sets this as yes, upstream no. TODO: What is it?