X11 forwarding with Short-lived certificates

user81214 · May 24, 2023, 9:03pm

I have set up the server to utilize short-lived certificates for user login. However, I have noticed that X11 forwarding is disabled due to key options.
debug1: Remote: X11 forwarding disabled by key options.

Is there any way to have Cloudflare sign the key without the “no-x11-forwarding” option? I have been unable to find a method to ignore this key option.

dd-daniel · June 16, 2023, 12:12am

I am also interested in X11 forwarding with short-lived certificates.

Can we enable the permit-X11-forwarding extension on the short-lived certificates? If this isn’t desired for all users, could this be configurable per (Access) application?

Topic		Replies	Views
Short lived SSH certificates without access Access	0	948	May 10, 2023
Integrate short-lived SSH certificates with GitHub SSH CA Cloudflare Tunnel	0	827	June 22, 2023
Use SSH short-lived certificates for other hostnames Access	0	421	January 13, 2024
Tls certificate renewal Security	3	443	December 29, 2023
Extend SSL Security	3	372	January 3, 2024

X11 forwarding with Short-lived certificates

Related topics