Information
The 'X11 Forwarding' parameter defined within the /etc/ssh/sshd_config file specifies
whether or not X11 Forwarding via SSH is enabled on the server- The Secure Shell service
provides an encrypted 'tunnel' for the data traffic passing through it. While commonly used
to substitute for clear-text, CLI-based remote connections such as telnet, Secure Shell can
be used to forward an 'X Window' session through the encrypted tunnel, allowing the
remote user to have a GUI interface.
As enabling X11Forwarding on the host can permit a malicious user to secretly open
another X11 connection to another remote client during the session and perform
unobtrusive activities such as keystroke monitoring, if the X11 services are not required for
the system's intended function, it should be disabled or restricted as appropriate to the
user's needs.
Solution
Perform the following to implement the recommended state-# awk '/^X11Forwarding / { $2 = 'no' }
{ print }' /etc/ssh/sshd_config > /etc/ssh/sshd_config.CIS
# mv /etc/ssh/sshd_config.CIS /etc/ssh/sshd_config
# svcadm restart svc-/network/ssh