HP-UX Secure Shell Getting Started Guide
ExitOnForwardFailure
Use this directive to specify whether ssh(1) must terminate the connection if it cannot set up all
requested dynamic, local, and remote port forwardings. The values for ExitOnForwardFailure
are yes or no. The default value is no.
For example:
ExitOnForwardFailure no
ForwardAgent
Use this directive to specify whether the connection to the authentication agent is forwarded to
the remote machine.
NOTE: Enable agent forwarding with caution. Users on the remote host who have privileges to
bypass file permissions on the agent’s UNIX domain socket can access the local agent through the
forwarded connection. Attackers cannot obtain key material from the agent, but they can perform
operations on the keys that enable them to authenticate using the identities loaded into the agent.
The default setting is no.
For example:
ForwardAgent no
ForwardX11
Use this directive to specify whether X11 connections must be automatically redirected over the
secure channel and DISPLAY set.
NOTE: Enable X11 forwarding with caution. Users on the remote host who have privileges to
bypass file permissions on the user’s X11 authorization database can access the local X11 display
through the forwarded connection. An attacker can perform activities, such as keystroke
monitoring, if the ForwardX11Trusted option is also enabled.
The default setting is no.
For example:
ForwardX11 no
ForwardX11Trusted
Use this directive to specify whether remote X11 clients can access the original X11 display. The
xauth(1) token used for the session is set to expire after 20 minutes. Remote clients are refused
access after the time elapses.
The default setting is no.
For example:
ForwardX11Trusted no
GatewayPorts
Use this directive to specify whether remote hosts are allowed to connect to local forwarded
ports. By default, HP-UX Secure Shell binds local port forwardings to the loopback address. This
prevents other remote hosts from connecting to forwarded ports. Use GatewayPorts to specify
that HP-UX Secure Shell must bind local port forwarding to the wildcard address, and allow
remote hosts to connect to forwarded ports.
The default setting is no.
For example:
GatewayPorts no
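The following is an added example, not part of the HP guide: a Python check that scans client configuration text and reports where ForwardAgent, ForwardX11, ForwardX11Trusted, or GatewayPorts is set to anything other than the default no described above. The sample configuration and host name are constructed, and the check works per line; it does not resolve which value ssh(1) finally applies to a given host.

```python
import re

# Directives from this section whose documented default is "no" and that
# widen access when enabled (reasons paraphrase the guide's descriptions).
RISKY = {
    "forwardagent": "remote users who can reach the agent socket can use loaded identities",
    "forwardx11": "remote users who can read the X11 authorization database can reach the local display",
    "forwardx11trusted": "remote X11 clients can access the original X11 display",
    "gatewayports": "forwarded ports bind to the wildcard address instead of loopback",
}

SAMPLE = """\
# constructed sample configuration, not from the guide
Host build.example.com
    ExitOnForwardFailure yes
    ForwardAgent yes
    ForwardX11=yes
    forwardx11trusted no

Host *
    GatewayPorts = yes
"""

def audit_ssh_config(text):
    """Return (line_no, scope, directive, value, reason) for every RISKY
    directive not set to "no". Line-level check only."""
    findings = []
    scope = "(global)"
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace or a single "=".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip().strip('"')
        if keyword in ("host", "match"):
            scope = f"{parts[0]} {value}"
            continue
        if keyword in RISKY and value.lower() != "no":
            findings.append((line_no, scope, parts[0], value, RISKY[keyword]))
    return findings

if __name__ == "__main__":
    for line_no, scope, directive, value, reason in audit_ssh_config(SAMPLE):
        print(f"line {line_no} [{scope}] {directive} {value}: {reason}")
```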