Debian: New openssh packages fix predictable randomness
LinuxSecurity.com: Jan Pechanec discovered that ssh fails back to creating a trusted X11 cookie if creating an untrusted cookie fails, potentially exposing the local display to a malicious remote server when using X11 forwarding.
SSH-COPY-ID(1) General Commands Manual SSH-COPY-ID(1)NAME
ssh-copy-id - install your public key in a remote machine's authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be
enabled, unless you've done some clever use of multiple identities)
It also changes the permissions of the remote user's home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would oth-
erwise prevent you from logging in, if the remote sshd has StrictModes set in its configuration).
If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your
ssh-agent. Otherwise, if this:
ssh-add -L
provides any output, it uses that in preference to the identity file.
If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fin-
gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
if necessary)
SEE ALSO ssh(1), ssh-agent(1), sshd(8)OpenSSH 14 November 1999 SSH-COPY-ID(1)