[mythtv-users] Running mythsetup from a Windows PC running Cygwin

Michael T. Dean mtdean at thirdcontact.com
Sat Feb 11 07:46:05 UTC 2006 

On 02/10/2006 05:00 PM, Raphael Pooser wrote:
> Michael T. Dean wrote:
>   
>> Raphael Pooser wrote:
>>> cygwin is all you need.  just export display before ssh and it's even 
>>> easier, you can export DISPLAY=localhost:0, then
>>> when you "ssh -X" it'll use your local display environment variable on 
>>> the remote machine.
>> Unless you're using an extremely old (and insecure) version of OpenSSH, 
>> it should be "ssh -Y".  The "-X" option enables X11 forwardig, but the 
>> "-Y" option enables "trusted" X11 forwarding.  Myth requires a "trusted" 
>> connection or you'll get all sorts of "BadMatch" errors.
>>     
> With the most up to date and secure open ssh and with -X, mythfrontend 
> seems to respond fine for me.
And those BadAtom/BadWindow/BadMatch errors you got in the terminal 
don't mean that mythfrontend is trying to use X resources to which the 
OpenSSH X11 proxy server is refusing access.  After all, it would be 
crazy to print those errors if they were actually errors.  So, you're 
probably right, OpenSSH is printing those messages even though nothing 
is wrong...
>   I even tested out running mythtv-setup.
> Trusted would be needed if you were connecting to a remote server say, 
> but even then, everything sent through the tunnel is encrypted.
Trusted X11 forwarding has nothing to do with encryption--it's purpose 
is to force you to explicitly give certain X11 server permissions to the 
X11 client that exists on the other machine.  Untrusted X11 forwarding 
("-X") allows you to protect the X11 server from the X11 client (which, 
ultimately protects you).
>   There 
> is no danger to using -X, which us unrelated to the danger of using an 
> insecure version of openSSH.
The point I was making is that on new versions of OpenSSH, you need to 
use "-Y" for trusted X11 forwarding.  Old versions used "-X", as there 
was no distinction between "trusted" and "untrusted" X11 forwarding--all 
X11 forwarding was trusted.  And, *all* of the old versions of OpenSSH 
that don't distinguish between trusted and untrusted forwarding are 
insecure.
>   give me a break.
Break me off a piece of that Kit Kat bar.

Mike

More information about the mythtv-users mailing list