Information
The X11 Forwarding parameter defined within the /etc/ssh/sshd_config file specifies whether or not X11 Forwarding via SSH is enabled on the server: The Secure Shell service provides an encrypted 'tunnel' for the data traffic passing through it. While commonly used to substitute for clear-text, CLI-based remote connections such as telnet, Secure Shell can be used to forward an 'X Window' session through the encrypted tunnel, allowing the remote user to have a GUI interface.
Rationale:
As enabling X11Forwarding on the host can permit a malicious user to secretly open another X11 connection to another remote client during the session and perform unobtrusive activities such as keystroke monitoring, if the X11 services are not required for the system's intended function, it should be disabled or restricted as appropriate to the user's needs.
Solution
Perform the following to implement the recommended state:
# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
# awk '/^X11Forwarding / { $2 = 'no' } { print }' /etc/ssh/sshd_config > /etc/ssh/sshd_config.CIS
# mv /etc/ssh/sshd_config.CIS /etc/ssh/sshd_config
# svcadm restart svc:/network/ssh