Posted by: Anonymous
on October 19, 2007 02:22 PM
I agree with the review, sometimes you don't need xdmcp, specially when you need security over wireless or public Internet.
Other thing is that with ssh you can open only one tcp port on a firewall, if you use xdmcp you need to open an insecure one. xdmcp is an unsecure protocol too.
The only thing I add to the review is the possibility to enable compression through ssh tunnels like this:
ssh -p [port] -Y -C user@machine
the -C option enables gzip compression and is useful when you have fast machines and slow connections or restricted bandwidth.
I need to say too that you DON'T need to enable X forwarding in /etc/ssh/sshd_config. It just makes it the default for ingoing connections. If you specify the -Y option in the command line thats all.