Bug 3197 - reset X11 forward timeout
Summary: reset X11 forward timeout
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 8.3p1
Hardware: All All
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-28 07:16 AEST by Roland Wirth
Modified: 2020-07-28 07:16 AEST (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Roland Wirth 2020-07-28 07:16:42 AEST
Use case:
Over the course of a long-running SSH session, a user starts several X11 programs. When the timeout is enabled, starting any X11 program after the 20 minute mark fails, and the only option is to disconnect and reconnect the SSH session. A work-around is to disable the timeout, but that has security implications.

Enhancement:
Provide some way to reset the X11 forwarding, e.g., by having a new ~x escape that resets the timeout and generates a new xauth cookie. With the escape in place, the timeout window itself could be much shorter than 20 minutes, reducing the window of opportunity for an attack.